An update for the virt:rhel module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section.
Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.
Security Fix(es) :
* ntfs-3g: heap-based buffer overflow leads to local root privilege escalation (CVE-2019-9755)
* QEMU: slirp: information leakage in tcp_emu() due to uninitialized stack variables (CVE-2019-9824)
* QEMU: qxl: NULL pointer dereference while releasing spice resources (CVE-2019-12155)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes :
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.
{"oraclelinux": [{"lastseen": "2021-11-24T16:27:49", "description": " ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-11-14T00:00:00", "type": "oraclelinux", "title": "virt:ol security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12155", "CVE-2019-9755", "CVE-2019-9824"], "modified": "2019-11-14T00:00:00", "id": "ELSA-2019-3345", "href": "http://linux.oracle.com/errata/ELSA-2019-3345.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:24:49", "description": "[0.12.1.2-2.506.el6_10.4]\n- kvm-target-i386-Sanitize-the-XSAVE-related-feature-bits.patch [bz#1673779]\n- kvm-slirp-check-sscanf-result-when-emulating-ident.patch [bz#1689790]\n- Resolves: bz#1673779\n (RHEL8 VM's do not install on RHEL6 KVM hypervisor)\n- Resolves: bz#1689790\n (CVE-2019-9824 qemu-kvm: QEMU: Slirp: information leakage in tcp_emu() due to uninitialized stack variables [rhel-6])", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-07-02T00:00:00", "type": "oraclelinux", "title": "qemu-kvm security update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9824"], "modified": "2019-07-02T00:00:00", "id": "ELSA-2019-1650", "href": "http://linux.oracle.com/errata/ELSA-2019-1650.html", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:24:58", "description": "[7.2-3]\n- Fix for CVE-2019-9755\n (heap-based buffer overflow leads to local root privilege escalation)\n resolves: rhbz#1698502", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.0, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-08-13T00:00:00", "type": "oraclelinux", "title": "libguestfs-winsupport security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9755"], "modified": "2019-08-13T00:00:00", "id": "ELSA-2019-2308", "href": "http://linux.oracle.com/errata/ELSA-2019-2308.html", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:24:49", "description": "[1.5.3-167.el7_7.1]\n- kvm-qxl-check-release-info-object.patch [bz#1732337]\n- kvm-Fix-heap-overflow-in-ip_reass-on-big-packet-input.patch [bz#1734748]\n- Resolves: bz#1732337\n (CVE-2019-12155 qemu-kvm: QEMU: qxl: null pointer dereference while releasing spice resources [rhel-7] [rhel-7.7.z])\n- Resolves: bz#1734748\n (CVE-2019-14378 qemu-kvm: QEMU: slirp: heap buffer overflow during packet reassembly [rhel-7.7.z])", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-09-04T00:00:00", "type": "oraclelinux", "title": "qemu-kvm security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12155", "CVE-2019-14378"], "modified": "2019-09-04T00:00:00", "id": "ELSA-2019-2607", "href": "http://linux.oracle.com/errata/ELSA-2019-2607.html", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:24:24", "description": "[12:2.9.0-21.el7]\n- x86: Add mds feature (Karl Heubaum) \n- e1000: Never increment the RX undersize count register (Chris Kenna) \n- i386: Add some MSR based features on Cascadelake-Server CPU model (Tao Xu) [Orabug: 29643540]\n- i386: Update stepping of Cascadelake-Server (Tao Xu) [Orabug: 29643540]\n- kvm: Use KVM_GET_MSR_INDEX_LIST for MSR_IA32_ARCH_CAPABILITIES support (Bandan Das) [Orabug: 29643540]\n- x86: define a new MSR based feature word -- FEATURE_WORDS_ARCH_CAPABILITIES (Robert Hoo) [Orabug: 29643540]\n- x86: Data structure changes to support MSR based features (Robert Hoo) [Orabug: 29643540]\n- kvm: Add support to KVM_GET_MSR_FEATURE_INDEX_LIST and KVM_GET_MSRS system ioctl (Robert Hoo) [Orabug: 29643540]\n- i386: Add CPUID bit and feature words for IA32_ARCH_CAPABILITIES MSR (Robert Hoo) [Orabug: 29643540]\n- i386: Add new MSR indices for IA32_PRED_CMD and IA32_ARCH_CAPABILITIES (Robert Hoo) [Orabug: 29643540]\n- update Linux headers to 4.16-rc5 (Paolo Bonzini) [Orabug: 29643540]\n- linux-headers: update (Cornelia Huck) [Orabug: 29643540]\n- linux-headers: update to 4.15-rc1 (Eric Auger) [Orabug: 29643540]\n- linux-headers: sync against v4.14-rc1 (Alexey Perevalov) [Orabug: 29643540]\n- linux header sync against v4.13-rc1 (Christian Borntraeger) [Orabug: 29643540]\n- linux-headers: update to 4.13-rc0 (Christian Borntraeger) [Orabug: 29643540]\n- parfait: --disable-avx2 no longer needed by rpmbuild (Liam Merwick) [Orabug: 28733157]\n- parfait: deal with parfait returning non-zero return value (Liam Merwick) [Orabug: 28733157]\n- parfait: use nproc to choose default number of threads (Liam Merwick) [Orabug: 28733157]\n- parfait: provide option to upload results (Liam Merwick) [Orabug: 28733157]\n- parfait: disable misaligned-access check (Liam Merwick) [Orabug: 28733157]\n- parfait: Run static analysis when --with parfait specified (Liam Merwick) [Orabug: 28733157]\n- parfait: add buildrpm/parfait-qemu.conf (Liam Merwick) [Orabug: 28733157]\n- device_tree.c: Don't use load_image() (Peter Maydell) [Orabug: 29546331] {CVE-2018-20815}\n- slirp: check sscanf result when emulating ident (William Bowling) [Orabug: 29501785] {CVE-2019-9824}\n- i2c-ddc: fix oob read (Gerd Hoffmann) [Orabug: 29377317] {CVE-2019-3812}", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-05-14T00:00:00", "type": "oraclelinux", "title": "qemu security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20815", "CVE-2019-3812", "CVE-2019-9824"], "modified": "2019-05-14T00:00:00", "id": "ELSA-2019-4631", "href": "http://linux.oracle.com/errata/ELSA-2019-4631.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-30T06:24:49", "description": "[1.5.3-167.el7]\n- Reverting kvm-seccomp-set-the-seccomp-filter-to-all-threads.patch [bz#1618503]\n- Resolves: bz#1618503\n (qemu-kvm: Qemu: seccomp: blacklist is not applied to all threads [rhel-7])\n[1.5.3-166.el7]\n- kvm-seccomp-set-the-seccomp-filter-to-all-threads.patch [bz#1618503]\n- Resolves: bz#1618503\n (qemu-kvm: Qemu: seccomp: blacklist is not applied to all threads [rhel-7])\n[1.5.3-165.el7]\n- kvm-Fix-eax-for-cpuid-leaf-0x40000000.patch [bz#1709495]\n- kvm-slirp-fix-big-little-endian-conversion-in-ident-prot.patch [bz#1669068]\n- kvm-slirp-ensure-there-is-enough-space-in-mbuf-to-null-t.patch [bz#1669068]\n- kvm-slirp-don-t-manipulate-so_rcv-in-tcp_emu.patch [bz#1669068]\n- Resolves: bz#1669068\n (CVE-2019-6778 qemu-kvm: QEMU: slirp: heap buffer overflow in tcp_emu() [rhel-7.7])\n- Resolves: bz#1709495\n (Change CPUID[0x40000000].EAX from 0 to KVM_CPUID_FE...ATURES (0x40000001))\n[1.5.3-164.el7]\n- kvm-target-i386-define-md-clear-bit-rhel.patch [bz#1693217]\n- Resolves: bz#1693217\n (CVE-2018-12126 qemu-kvm: hardware: Microarchitectural Store Buffer Data Sampling [rhel-7.7] )\n[1.5.3-163.el7]\n- kvm-x86-cpu-Enable-CLDEMOTE-Demote-Cache-Line-cpu-featur.patch [bz#1537773]\n- kvm-vfio-pci-Lazy-PBA-emulation.patch [bz#1459077]\n- kvm-slirp-check-sscanf-result-when-emulating-ident.patch [bz#1689791]\n- Resolves: bz#1459077\n ([Intel 7.7 Bug] QEMU version in RHEL7.4 beta does not support KVM passthrough with WFR card)\n- Resolves: bz#1537773\n ([Intel 7.7 Feat] KVM Enabling SnowRidge new NIs - qemu-kvm)\n- Resolves: bz#1689791\n (CVE-2019-9824 qemu-kvm: QEMU: Slirp: information leakage in tcp_emu() due to uninitialized stack variables [rhel-7])\n[1.5.3-162.el7]\n- kvm-i386-Deprecate-arch-facilities-and-make-it-block-liv.patch [bz#1658407]\n- kvm-Do-not-build-bluetooth-support.patch [bz#1654627]\n- Resolves: bz#1654627\n (Qemu: hw: bt: keep bt/* objects from building [rhel-7.7])\n- Resolves: bz#1658407\n (mode='host-model' VMs include broken 'arch-facilities' flag name [qemu-kvm])\n[1.5.3-161.el7]\n- kvm-Inhibit-ballooning-during-postcopy.patch [bz#1659229]\n- kvm-balloon-Allow-multiple-inhibit-users.patch [bz#1659229]\n- kvm-check-KVM_CAP_SYNC_MMU-with-kvm_vm_check_extensi.patch [bz#1659229]\n- kvm-Use-inhibit-to-prevent-ballooning-without-synchr.patch [bz#1659229]\n- kvm-vfio-Inhibit-ballooning-based-on-group-attachment-to.patch [bz#1659229]\n- Resolves: bz#1659229\n (Ballooning is incompatible with vfio assigned devices, but not prevented)", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-08-13T00:00:00", "type": "oraclelinux", "title": "qemu-kvm security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12126", "CVE-2019-6778", "CVE-2019-9824"], "modified": "2019-08-13T00:00:00", "id": "ELSA-2019-2078", "href": "http://linux.oracle.com/errata/ELSA-2019-2078.html", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2021-07-28T14:24:28", "description": "[0.12.1.2-2.506.el6_10.5]\n- kvm-slirp-fix-big-little-endian-conversion-in-ident-prot.patch [bz#1669066]\n- kvm-slirp-ensure-there-is-enough-space-in-mbuf-to-null-t.patch [bz#1669066]\n- kvm-slirp-don-t-manipulate-so_rcv-in-tcp_emu.patch [bz#1669066]\n- kvm-qxl-check-release-info-object.patch [bz#1712728]\n- kvm-net-Use-iov-helper-functions.patch [bz#1636415]\n- kvm-net-increase-buffer-size-to-accommodate-Jumbo-frame-.patch [bz#1636415]\n- kvm-net-ignore-packet-size-greater-than-INT_MAX.patch [bz#1636415]\n- kvm-net-drop-too-large-packet-early.patch [bz#1636415]\n- kvm-PATCH-slirp-fix-buffer-overrun.patch [bz#1586251]\n- kvm-Fix-build-from-previous-commit.patch [bz#1586251]\n- kvm-slirp-remove-mbuf-m_hdr-m_dat-indirection.patch [bz#1586251]\n- kvm-slirp-Convert-mbufs-to-use-g_malloc-and-g_free.patch [bz#1586251]\n- kvm-slirp-correct-size-computation-while-concatenating-m.patch [bz#1586251]\n- kvm-pcnet-fix-possible-buffer-overflow.patch [bz#1636774]\n- Resolves: bz#1586251\n (CVE-2018-11806 qemu-kvm: QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams [rhel-6.10.z])\n- Resolves: bz#1636415\n (CVE-2018-10839 qemu-kvm: Qemu: ne2000: integer overflow leads to buffer overflow issue [rhel-6])\n- Resolves: bz#1636774\n (CVE-2018-17962 qemu-kvm: Qemu: pcnet: integer overflow leads to buffer overflow [rhel-6])\n- Resolves: bz#1669066\n (CVE-2019-6778 qemu-kvm: QEMU: slirp: heap buffer overflow in tcp_emu() [rhel-6.10.z])\n- Resolves: bz#1712728\n (CVE-2019-12155 qemu-kvm: QEMU: qxl: null pointer dereference while releasing spice resources [rhel-6])", "cvss3": {"exploitabilityScore": 1.5, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2019-09-24T00:00:00", "type": "oraclelinux", "title": "qemu-kvm security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10839", "CVE-2018-11806", "CVE-2018-17962", "CVE-2019-12155", "CVE-2019-6778"], "modified": "2019-09-24T00:00:00", "id": "ELSA-2019-2892", "href": "http://linux.oracle.com/errata/ELSA-2019-2892.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-30T06:24:58", "description": "[1.5.3-173.el7]\n- kvm-tcp_emu-Fix-oob-access.patch [bz#1791560]\n- kvm-slirp-use-correct-size-while-emulating-IRC-commands.patch [bz#1791560]\n- kvm-slirp-use-correct-size-while-emulating-commands.patch [bz#1791560]\n- Resolves: bz#1791560\n (CVE-2020-7039 qemu-kvm: QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() [rhel-7.8])\n[1.5.3-172.el7]\n- kvm-target-i386-Export-TAA_NO-bit-to-guests.patch [bz#1771961]\n- kvm-target-i386-add-support-for-MSR_IA32_TSX_CTRL.patch [bz#1771961]\n- Resolves: bz#1771961\n (CVE-2019-11135 qemu-kvm: hw: TSX Transaction Asynchronous Abort (TAA) [rhel-7.8])\n[1.5.3-171.el7]\n- kvm-i386-Add-new-model-of-Cascadelake-Server.patch [bz#1638471]\n- kvm-i386-Disable-OSPKE-on-Cascadelake-Server.patch [bz#1638471]\n- kvm-i386-remove-the-INTEL_PT-CPUID-bit-from-Cascadelake-.patch [bz#1638471]\n- kvm-Add-missing-brackets-to-CPUID-0x80000008-code.patch [bz#1760607]\n- Resolves: bz#1638471\n ([Intel 7.8 Feat] qemu-kvm Introduce Cascade Lake (CLX) cpu model)\n- Resolves: bz#1760607\n (Corrupted EAX values due to missing brackets at CPUID[0x800000008] code)\n[1.5.3-170.el7]\n- kvm-Using-ip_deq-after-m_free-might-read-pointers-from-a.patch [bz#1749735]\n- kvm-target-i386-Merge-feature-filtering-checking-functio.patch [bz#1709971]\n- kvm-target-i386-Isolate-KVM-specific-code-on-CPU-feature.patch [bz#1709971]\n- kvm-i386-Add-new-MSR-indices-for-IA32_PRED_CMD-and-IA32_.patch [bz#1709971]\n- kvm-i386-Add-CPUID-bit-and-feature-words-for-IA32_ARCH_C.patch [bz#1709971]\n- kvm-Add-support-to-KVM_GET_MSR_FEATURE_INDEX_LIST-an.patch [bz#1709971]\n- kvm-x86-Data-structure-changes-to-support-MSR-based-feat.patch [bz#1709971]\n- kvm-x86-define-a-new-MSR-based-feature-word-FEATURE_WORD.patch [bz#1709971]\n- kvm-Use-KVM_GET_MSR_INDEX_LIST-for-MSR_IA32_ARCH_CAP.patch [bz#1709971]\n- kvm-i386-kvm-Disable-arch_capabilities-if-MSR-can-t-be-s.patch [bz#1709971]\n- kvm-Remove-arch-capabilities-deprecation.patch [bz#1709971]\n- kvm-target-i386-add-MDS-NO-feature.patch [bz#1714791]\n- Resolves: bz#1709971\n ([Intel 7.8 Bug] [KVM][CLX] CPUID_7_0_EDX_ARCH_CAPABILITIES is not enabled in VM qemu-kvm)\n- Resolves: bz#1714791\n ([Intel 7.8 FEAT] MDS_NO exposure to guest - qemu-kvm)\n- Resolves: bz#1749735\n (CVE-2019-15890 qemu-kvm: QEMU: Slirp: use-after-free during packet reassembly [rhel-7])\n[1.5.3-169.el7]\n- kvm-target-i386-Support-invariant-tsc-flag.patch [bz#1626871]\n- kvm-target-i386-block-migration-and-savevm-if-invariant-.patch [bz#1626871]\n- kvm-i386-Don-t-copy-host-virtual-address-limit.patch [bz#1706658]\n- Resolves: bz#1626871\n ([RFE] request for using TscInvariant feature with qemu-kvm.)\n- Resolves: bz#1706658\n ([Intel 7.8 Bug] qemu-kvm fail with 'err:kvm_init_vcpu() invalidate argumant' on ICX platform)\n[1.5.3-168.el7]\n- kvm-qxl-check-release-info-object.patch [bz#1712703]\n- kvm-bswap.h-Remove-cpu_to_be16wu.patch [bz#1270166]\n- kvm-net-Transmit-zero-UDP-checksum-as-0xFFFF.patch [bz#1270166]\n- kvm-Fix-heap-overflow-in-ip_reass-on-big-packet-input.patch [bz#1734749]\n- Resolves: bz#1270166\n (UDP packet checksum is not converted from 0x0000 to 0xffff with Qemu e1000 emulation.)\n- Resolves: bz#1712703\n (CVE-2019-12155 qemu-kvm: QEMU: qxl: null pointer dereference while releasing spice resources [rhel-7])\n- Resolves: bz#1734749\n (CVE-2019-14378 qemu-kvm: QEMU: slirp: heap buffer overflow during packet reassembly [rhel-7.8])", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2020-04-06T00:00:00", "type": "oraclelinux", "title": "qemu-kvm security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-11135", "CVE-2019-12155", "CVE-2019-14378", "CVE-2019-15890", "CVE-2020-7039"], "modified": "2020-04-06T00:00:00", "id": "ELSA-2020-1116", "href": "http://linux.oracle.com/errata/ELSA-2020-1116.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:24:55", "description": "[15:3.1.0-5.el7]\n- Only enable the halt poll control MSR if it is supported by the host (Mark\n Kanda) [Orabug: 29946722]\n[15:3.1.0-4.el7]\n- kvm: i386: halt poll control MSR support (Marcelo Tosatti) [Orabug: 29933278]\n- Document CVEs as fixed: CVE-2017-9524, CVE-2017-6058, CVE-2017-5931 (Mark Kanda) [Orabug: 29886908] {CVE-2017-5931} {CVE-2017-6058} {CVE-2017-9524}\n- pvrdma: release device resources in case of an error (Prasad J Pandit) [Orabug: 29056678] {CVE-2018-20123}\n- qxl: check release info object (Prasad J Pandit) [Orabug: 29886906] {CVE-2019-12155}\n- target/i386: add MDS-NO feature (Paolo Bonzini) [Orabug: 29820428] {CVE-2018-12126} {CVE-2018-12127} {CVE-2018-12130} {CVE-2019-11091}\n- docs: recommend use of md-clear feature on all Intel CPUs (Daniel P. Berrange) [Orabug: 29820428] {CVE-2018-12126} {CVE-2018-12127} {CVE-2018-12130} {CVE-2019-11091}\n- target/i386: define md-clear bit (Paolo Bonzini) [Orabug: 29820428] {CVE-2018-12126} {CVE-2018-12127} {CVE-2018-12130} {CVE-2019-11091}\n- pvh: block migration if booting using PVH (Liam Merwick) [Orabug: 29796676]\n- hw/i386/pc: run the multiboot loader before the PVH loader (Stefano Garzarella) [Orabug: 29796676]\n- optionrom/pvh: load initrd from fw_cfg (Stefano Garzarella) [Orabug: 29796676]\n- hw/i386/pc: use PVH option rom (Stefano Garzarella) [Orabug: 29796676]\n- qemu.spec: add pvh.bin to %files (Liam Merwick) [Orabug: 29796676]\n- optionrom: add new PVH option rom (Stefano Garzarella) [Orabug: 29796676]\n- linuxboot_dma: move common functions in a new header (Stefano Garzarella) [Orabug: 29796676]\n- linuxboot_dma: remove duplicate definitions of FW_CFG (Stefano Garzarella) [Orabug: 29796676]\n- pvh: load initrd and expose it through fw_cfg (Stefano Garzarella) [Orabug: 29796676]\n- pvh: Boot uncompressed kernel using direct boot ABI (Liam Merwick) [Orabug: 29796676]\n- pvh: Add x86/HVM direct boot ABI header file (Liam Merwick) [Orabug: 29796676]\n- elf-ops.h: Add get_elf_note_type() (Liam Merwick) [Orabug: 29796676]\n- elf: Add optional function ptr to load_elf() to parse ELF notes (Liam Merwick) [Orabug: 29796676]", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2019-07-10T00:00:00", "type": "oraclelinux", "title": "qemu security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5931", "CVE-2017-6058", "CVE-2017-9524", "CVE-2018-12126", "CVE-2018-12127", "CVE-2018-12130", "CVE-2018-20123", "CVE-2019-11091", "CVE-2019-12155"], "modified": "2019-07-10T00:00:00", "id": "ELSA-2019-4713", "href": "http://linux.oracle.com/errata/ELSA-2019-4713.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:24:34", "description": "[15:3.1.0-3.el7]\n- x86: Document CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 as\n fixed (Mark Kanda) [Orabug: 29744956] {CVE-2018-12126} {CVE-2018-12127}\n {CVE-2018-12130} {CVE-2019-11091}\n[15:3.1.0-2.el7]\n- x86: Add mds feature (Karl Heubaum) \n- e1000: Never increment the RX undersize count register (Chris Kenna) \n- qemu.spec: audioflags set but never passed to configure script (Liam Merwick) [Orabug: 29715562]\n- parfait: deal with parfait returning non-zero return value (Liam Merwick) [Orabug: 29715548]\n- parfait: use nproc to choose default number of threads (Liam Merwick) [Orabug: 29715548]\n- parfait: provide option to upload results (Liam Merwick) [Orabug: 29715548]\n- parfait: disable misaligned-access check (Liam Merwick) [Orabug: 29715548]\n- Document CVE-2019-8934 and CVE-2019-5008 as fixed (Mark Kanda) [Orabug: 29715605] {CVE-2019-5008} {CVE-2019-8934}\n- device_tree.c: Don't use load_image() (Peter Maydell) [Orabug: 29715527] {CVE-2018-20815}\n- slirp: check sscanf result when emulating ident (William Bowling) [Orabug: 29715525] {CVE-2019-9824}\n- i2c-ddc: fix oob read (Gerd Hoffmann) [Orabug: 29715520] {CVE-2019-3812}\n- scsi-generic: avoid possible out-of-bounds access to r->buf (Paolo Bonzini) [Orabug: 29259700] {CVE-2019-6501}\n- slirp: check data length while emulating ident function (Prasad J Pandit) [Orabug: 29715755] {CVE-2019-6778}", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-05-14T00:00:00", "type": "oraclelinux", "title": "qemu security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12126", "CVE-2018-12127", "CVE-2018-12130", "CVE-2018-18438", "CVE-2018-19665", "CVE-2018-20123", "CVE-2018-20815", "CVE-2019-11091", "CVE-2019-3812", "CVE-2019-5008", "CVE-2019-6501", "CVE-2019-6778", "CVE-2019-8934", "CVE-2019-9824"], "modified": "2019-05-14T00:00:00", "id": "ELSA-2019-4640", "href": "http://linux.oracle.com/errata/ELSA-2019-4640.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:24:52", "description": "hivex\nlibguestfs\n[1:1.38.4-14.0.1]\n- Config supermin to use host yum.conf in ol8 [Orabug: 29319324]\n- Set DISTRO_ORACLE_LINUX correspeonding to ol\n[1:1.38.4-14]\n- v2v: use -T as argument of scp when copying vmx files via ssh\n resolves: rhbz#1738886\n* Fri Jun 28 2019 Danilo de Paula \n- Rebuild all virt packages to fix RHEL's upgrade path\n- Resolves: rhbz#1695587\n (Ensure modular RPM upgrade path)\n[1:1.38.4-12]\n- v2v: update nbdkit information in documentation\n resolves: rhbz#1651115\n- v2v: use proper SELinux label for nbdkit sockets\n resolves: rhbz#1717088\nlibguestfs-winsupport\n[8.0-4]\n- Rebuild all virt packages to fix RHEL's upgrade path\n- Resolves: rhbz#1695587\n (Ensure modular RPM upgrade path)\nlibiscsi\n[1.18.0-8]\n- Rebuild all virt packages to fix RHEL's upgrade path\n- Resolves: rhbz#1695587\n (Ensure modular RPM upgrade path)\n[1.18.0-7.el8]\n- libiscsi-redhat-Remove-disable-werror-from-spec-file.patch [bz#1581025]\n- Resolves: bz#1581025\n (Remove --disable-werror from spec file)\n[-]\n- libiscsi-fix-connection-to-LUN-with-IPv6-address.patch [bz#1597942]\n- Resolves: bz#1597942\n (Qemu-kvm fails to connect to iscsi LUN by IPV6 address)\n[1.18.0-5.el8]\n- libiscsi-iser_rcv_completion-unify-error-handling.patch [bz#1634541]\n- libiscsi-iser-fix-posting-of-receive-descriptors.patch [bz#1634541]\n- libiscsi-sync-remove-unnecessary-checks.patch [bz#1634541]\n- libiscsi-do-not-warn-for-strncpy.patch [bz#1634541]\n- libiscsi-avoid-fallthrough.patch [bz#1634541]\n- libiscsi-avoid-truncation-when-logging-message-that-includes-.patch [bz#1634541]\n- Resolves: bz#1634541\n (Fix important coverity issues (libiscsi))\n[1.18.0-4.el8]\n- Fixed a build issue with the latest rdma-core\n[1.18.0-2]\n- Fix rdma deps and don't restrict archs\n- Add --disable-werror to fix gcc8 build (bz #1556044)\n- Spec file cleanups (bz #1483290)\n[1.18.0-2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild\n[1.18.0-1]\n- Rebased to version 1.18.0\n- Added patch to fix gcc7 warnings\n[1.15.0-5]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild\n[1.15.0-4]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild\n[1.15.0-3]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild\n[1.15.0-2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild\n[1.15.0-1]\n- Rebased to version 1.15.0\n- Removed patch 20 as it has been upstreamed\n- Disabled patch 12 as need for revised one is in question\n- Updated patch 13 to current tree\n- New tool iscsi-perf\n[1.11.0-3]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild\n[1.11.0-2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild\n[1.11.0-1]\n- Rebased to version 1.11.0\n- Most patches removed\n- New tool iscsi-swp + manpages\n[1.9.0-6]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild\n[1.9.0-5]\n- Rebuild for new libgcrypt\n[1.9.0-4]\n- Cleaned up patches 18/19 to match upstream more closely\n[1.9.0-3]\n- Improved patch 18 to cover write side too\n[1.9.0-2]\n- Add patch 18 to fix QEMU's scsi-generic mode\n[1.9.0-1]\n- Rebase to 1.9.0\n- Cherry-pick selected patches from upstream\n[1.7.0-6]\n- Add patch 5 to silence strict aliasing warnings\n[1.7.0-5]\n- Add patch 4 to enable installing of iscsi-test binary\n[1.7.0-4]\n- Add patch 2 for FIPS mode\n- Add patch 3 to avoid segmentation fault on iscsi-tools\n[1.7.0-3]\n- Correct license for libiscsi-utils, prefer %global to %define\n- Add Requires\n- Remove percent-clean section\n[1.7.0-2]\n- Use percent-config for ld.so.conf.d file.\n[1.7.0-1]\n- Initial version (bug 914752)\nlibvirt\n[4.5.0-35.2.0.1.el8]\n- added librbd1 as dependency (Keshav Sharma)\n[4.5.0-35.2.el8]\n- cpu_map: Add TAA_NO bit for IA32_ARCH_CAPABILITIES MSR (CVE-2019-11135)\n- cpu_map: Add TSX_CTRL bit for IA32_ARCH_CAPABILITIES MSR (CVE-2019-11135)\n[4.5.0-35.1.el8]\n- cpu_conf: Pass policy to CPU feature filtering callbacks (rhbz#1775133, rhbz#1775134, rhbz#1775137)\n- qemuxml2*test: Add tests for Icelake-Server, -pconfig (rhbz#1775133, rhbz#1775134, rhbz#1775137)\n- qemu: Drop disabled CPU features unknown to QEMU (rhbz#1775133, rhbz#1775134, rhbz#1775137)\n- cputest: Add data for Ice Lake Server CPU (rhbz#1775133, rhbz#1775134, rhbz#1775137)\n- cpu_map: Drop pconfig from Icelake-Server CPU model (rhbz#1775133, rhbz#1775134, rhbz#1775137)\n- qemu: Fix NULL ptr dereference caused by qemuDomainDefFormatBufInternal (rhbz#1775133, rhbz#1775134, rhbz#1775137)\n[4.5.0-35]\n- vircgroupv2: fix setting cpu.max period (rhbz#1749227)\n[4.5.0-34]\n- vircgroupv2: fix abort in VIR_AUTOFREE (rhbz#1747440)\n[4.5.0-33]\n- vircgroupv2: fix parsing multiple values in single file (rhbz#1741825)\n- vircgroupv2: fix virCgroupV2GetCpuCfsQuota for 'max' value (rhbz#1741837)\n[4.5.0-32]\n- virDomainObjListAddLocked: Produce better error message than 'Duplicate key' (rhbz#1737790)\n- virdbus: Grab a ref as long as the while loop is executed (rhbz#1741900)\n[4.5.0-31]\n- virDomainObjListAddLocked: fix double free (rhbz#1728530)\n- docs: schemas: Decouple the virtio options from each other (rhbz#1729675)\n- util: command: use VIR_AUTOFREE instead of VIR_FREE for scalar types (rhbz#1721434)\n- util: command: define cleanup function using VIR_DEFINE_AUTOPTR_FUNC (rhbz#1721434)\n- util: netdevopenvswitch: use VIR_AUTOFREE instead of VIR_FREE for scalar types (rhbz#1721434)\n- util: virnetdevopenvswitch: Drop an unused variable @ovs_timeout (rhbz#1721434)\n- util: netdevopenvswitch: use VIR_AUTOPTR for aggregate types (rhbz#1721434)\n- util: suppress unimportant ovs-vsctl errors when getting interface stats (rhbz#1721434)\n- virNetDevOpenvswitchInterfaceStats: Optimize for speed (rhbz#1721434)\n- test: Introduce virnetdevopenvswitchtest (rhbz#1721434)\n- vircommand: Separate mass FD closing into a function (rhbz#1721434)\n- virCommand: use procfs to learn opened FDs (rhbz#1721434)\n- util: command: Ignore bitmap errors when enumerating file descriptors to close (rhbz#1721434)\n- util: Avoid possible error in virCommandMassClose (rhbz#1721434)\n- vircgroup: fix cgroups v2 controllers detection (rhbz#1689297)\n- vircgroupv2: store enabled controllers (rhbz#1689297)\n[4.5.0-30]\n- virWaitForDevices: Drop confusing part of comment (rhbz#1710575)\n- lib: Drop UDEVSETTLE (rhbz#1710575)\n- m4: Provide default value fore UDEVADM (rhbz#1710575)\n- m4: Drop needless string checks (rhbz#1710575)\n- util: vircgroup: introduce virCgroup(Get|Set)ValueRaw (rhbz#1658890)\n- util: vircgroup: move virCgroupGetValueStr out of virCgroupGetValueForBlkDev (rhbz#1658890)\n- util: vircgroupv1: add support for BFQ blkio files (rhbz#1658890)\n- util: vircgroupv2: add support for BFQ files (rhbz#1658890)\n- Handle copying bitmaps to larger data buffers (rhbz#1703160)\n[4.5.0-29]\n- cpu: allow include files for CPU definition (rhbz#1686895)\n- cpu: fix cleanup when signature parsing fails (rhbz#1686895)\n- cpu: push more parsing logic into common code (rhbz#1686895)\n- cpu: simplify failure cleanup paths (rhbz#1686895)\n- cpu_map: Add support for arch-capabilities feature (rhbz#1693433)\n- cputest: Add data for Intel(R) Xeon(R) CPU E5-2630 v4 (rhbz#1686895)\n- cputest: Add data for Intel(R) Core(TM) i7-7600U (rhbz#1686895)\n- cputest: Add data for Intel(R) Xeon(R) CPU E7540 (rhbz#1686895)\n- cputest: Add data for Intel(R) Xeon(R) CPU E5-2650 (rhbz#1686895)\n- cputest: Add data for Intel(R) Core(TM) i7-8700 (rhbz#1686895)\n- cpu_x86: Separate ancestor model parsing from x86ModelParse (rhbz#1686895)\n- cpu_x86: Separate signature parsing from x86ModelParse (rhbz#1686895)\n- cpu_x86: Separate vendor parsing from x86ModelParse (rhbz#1686895)\n- cpu_x86: Separate feature list parsing from x86ModelParse (rhbz#1686895)\n- cpu_x86: Make sure CPU model names are unique in cpu_map (rhbz#1686895)\n- cpu_x86: Add x86ModelCopySignatures helper (rhbz#1686895)\n- cpu_x86: Store CPU signature in an array (rhbz#1686895)\n- cpu_x86: Allow multiple signatures for a CPU model (rhbz#1686895)\n- cpu_x86: Log decoded CPU model and signatures (rhbz#1686895)\n- qemu_capabilities: Inroduce virQEMUCapsGetCPUModelX86Data (rhbz#1686895)\n- qemu_capabilities: Introduce virQEMUCapsGetCPUModelInfo (rhbz#1686895)\n- qemu_capabilities: Use virQEMUCapsGetCPUModelInfo (rhbz#1686895)\n- cpu_x86: Add virCPUx86DataGetSignature for tests (rhbz#1686895)\n- cpu_map: Add hex representation of signatures (rhbz#1686895)\n- cputest: Test CPU signatures (rhbz#1686895)\n- cpu_map: Add more signatures for Conroe CPU model (rhbz#1686895)\n- cpu_map: Add more signatures for Penryn CPU model (rhbz#1686895)\n- cpu_map: Add more signatures for Nehalem CPU models (rhbz#1686895)\n- cpu_map: Add more signatures for Westmere CPU model (rhbz#1686895)\n- cpu_map: Add more signatures for SandyBridge CPU models (rhbz#1686895)\n- cpu_map: Add more signatures for IvyBridge CPU models (rhbz#1686895)\n- cpu_map: Add more signatures for Haswell CPU models (rhbz#1686895)\n- cpu_map: Add more signatures for Broadwell CPU models (rhbz#1686895)\n- cpu_map: Add more signatures for Skylake-Client CPU models (rhbz#1686895)\n- cpu: Don't access invalid memory in virCPUx86Translate (rhbz#1686895)\n- cpu_x86: Require \n within \n in CPU map (rhbz#1697627)\n- cputest: Add data for Intel(R) Xeon(R) Platinum 8268 CPU (rhbz#1693433)\n- cpu_map: Add Cascadelake-Server CPU model (rhbz#1693433)\n- cpu_x86: Introduce virCPUx86DataItem container struct (rhbz#1697627)\n- cpu_x86: Rename virCPUx86Vendor.cpuid (rhbz#1697627)\n- cpu_x86: Rename virCPUx86DataItem variables (rhbz#1697627)\n- cpu_x86: Rename x86DataCpuidNext function (rhbz#1697627)\n- cpu_x86: Rename x86DataCpuid (rhbz#1697627)\n- cpu_x86: Rename virCPUx86CPUIDSorter (rhbz#1697627)\n- cpu_x86: Rename virCPUx86DataAddCPUIDInt (rhbz#1697627)\n- cpu_x86: Rename virCPUx86DataAddCPUID (rhbz#1697627)\n- cpu_x86: Rename virCPUx86VendorToCPUID (rhbz#1697627)\n- cpu_x86: Simplify x86DataAdd (rhbz#1697627)\n- cpu_x86: Introduce virCPUx86DataCmp (rhbz#1697627)\n- cpu_x86: Make x86cpuidSetBits more general (rhbz#1697627)\n- cpu_x86: Make x86cpuidClearBits more general (rhbz#1697627)\n- cpu_x86: Make x86cpuidAndBits more general (rhbz#1697627)\n- cpu_x86: Make x86cpuidMatchMasked more general (rhbz#1697627)\n- cpu_x86: Make x86cpuidMatch more general (rhbz#1697627)\n- cpu_x86: Store virCPUx86DataItem content in union (rhbz#1697627)\n- cpu_x86: Add support for storing MSR features in CPU map (rhbz#1697627)\n- cpu_x86: Move *CheckFeature functions (rhbz#1697627)\n- cputest: Add support for MSR features to cpu-parse.sh (rhbz#1697627)\n- util: file: introduce VIR_AUTOCLOSE macro to close fd of the file automatically (rhbz#1697627)\n- vircpuhost: Add support for reading MSRs (rhbz#1697627)\n- virhostcpu: Make virHostCPUGetMSR() work only on x86 (rhbz#1697627)\n- cpu_x86: Fix placement of *CheckFeature functions (rhbz#1697627)\n- cpu_conf: Introduce virCPUDefFilterFeatures (rhbz#1697627)\n- qemu_command: Use consistent syntax for CPU features (rhbz#1697627)\n- tests: Add QEMU caps data for future 4.1.0 (rhbz#1697627)\n- tests: Add domain capabilities case for QEMU 4.1.0 (rhbz#1697627)\n- qemuxml2argvtest: Add test for CPU features translation (rhbz#1697627)\n- qemu: Add APIs for translating CPU features (rhbz#1697627)\n- qemu: Probe for max-x86_64-cpu type (rhbz#1697627)\n- qemu: Probe for 'unavailable-features' CPU property (rhbz#1697627)\n- qemu: Probe host CPU after capabilities (rhbz#1697627)\n- qemu_command: Use canonical names of CPU features (rhbz#1697627)\n- qemu: Translate feature names from query-cpu-model-expansion (rhbz#1697627)\n- qemu: Don't use full CPU model expansion (rhbz#1697627)\n- qemu: Make qemuMonitorGetGuestCPU usable on x86 only (rhbz#1697627)\n- cpu: Introduce virCPUDataAddFeature (rhbz#1697627)\n- qemu: Add type filter to qemuMonitorJSONParsePropsList (rhbz#1697627)\n- util: string: Introduce macro for automatic string lists (rhbz#1697627)\n- util: json: define cleanup function using VIR_DEFINE_AUTOPTR_FUNC (rhbz#1697627)\n- qemu: Introduce generic qemuMonitorGetGuestCPU (rhbz#1697627)\n- qemu_process: Prefer generic qemuMonitorGetGuestCPU (rhbz#1697627)\n- util: Rework virStringListAdd (rhbz#1697627)\n- conf: Introduce virCPUDefCheckFeatures (rhbz#1697627)\n- cpu_x86: Turn virCPUx86DataIteratorInit into a function (rhbz#1697627)\n- cpu_x86: Introduce virCPUx86FeatureFilter*MSR (rhbz#1697627)\n- cpu_x86: Read CPU features from IA32_ARCH_CAPABILITIES MSR (rhbz#1697627)\n- cpu_map: Introduce IA32_ARCH_CAPABILITIES MSR features (rhbz#1697627)\n- qemu: Forbid MSR features with old QEMU (rhbz#1697627)\n- qemu: Drop MSR features from host-model with old QEMU (rhbz#1697627)\n- cpu_x86: Fix memory leak - virCPUx86GetHost (rhbz#1697627)\n- qemu: Use @tmpChr in qemuDomainDetachChrDevice to build device string (rhbz#1624204)\n- qemu: Drop 'user-' prefix for guestfwd netdev (rhbz#1624204)\n- qemu_hotplug: Attach guestfwd using netdev_add (rhbz#1624204)\n- qemu_hotplug: Detach guestfwd using netdev_del (rhbz#1624204)\n- qemuhotplugtest: Test guestfwd attach and detach (rhbz#1624204)\n- daemon: Register secret driver before storage driver (rhbz#1685151)\n- bhyve: Move autostarting of domains into bhyveStateInitialize (rhbz#1685151)\n- Revert 'virStateDriver - Separate AutoStart from Initialize' (rhbz#1685151)\n- Revert 'Separate out StateAutoStart from StateInitialize' (rhbz#1685151)\n- util: moving 'type' argument to avoid issues with mount() syscall. (rhbz#1689297)\n- util: cgroup: use VIR_AUTOFREE instead of VIR_FREE for scalar types (rhbz#1689297)\n- vircgroup: Rename structs to start with underscore (rhbz#1689297)\n- vircgroup: Introduce standard set of typedefs and use them (rhbz#1689297)\n- vircgroup: Extract file link resolving into separate function (rhbz#1689297)\n- vircgroup: Remove unused function virCgroupKill() (rhbz#1689297)\n- vircgroup: Unexport unused function virCgroupAddTaskController() (rhbz#1689297)\n- vircgroup: Unexport unused function virCgroupRemoveRecursively (rhbz#1689297)\n- vircgroup: Move function used in tests into vircgrouppriv.h (rhbz#1689297)\n- vircgroup: Remove pointless bool parameter (rhbz#1689297)\n- vircgroup: Extract mount options matching into function (rhbz#1689297)\n- vircgroup: Use virCgroupMountOptsMatchController in virCgroupDetectPlacement (rhbz#1689297)\n- vircgroup: Introduce virCgroupEnableMissingControllers (rhbz#1689297)\n- vircgroup: machinename will never be NULL (rhbz#1689297)\n- vircgroup: Remove virCgroupAddTaskController (rhbz#1689297)\n- vircgroup: Introduce virCgroupGetMemoryStat (rhbz#1689297)\n- lxc: Use virCgroupGetMemoryStat (rhbz#1689297)\n- vircgroup: fix MinGW build (rhbz#1689297)\n- vircgroup: Duplicate string before modifying (rhbz#1689297)\n- vircgroup: Extract controller detection into function (rhbz#1689297)\n- vircgroup: Extract placement validation into function (rhbz#1689297)\n- vircgroup: Split virCgroupPathOfController into two functions (rhbz#1689297)\n- vircgroup: Call virCgroupRemove inside virCgroupMakeGroup (rhbz#1689297)\n- vircgroup: Simplify if conditions in virCgroupMakeGroup (rhbz#1689297)\n- vircgroup: Remove obsolete sa_assert (rhbz#1689297)\n- tests: Resolve possible overrun (rhbz#1689297)\n- vircgroup: cleanup controllers not managed by systemd on error (rhbz#1689297)\n- vircgroup: fix bug in virCgroupEnableMissingControllers (rhbz#1689297)\n- vircgroup: rename virCgroupAdd.*Task to virCgroupAdd.*Process (rhbz#1689297)\n- vircgroup: introduce virCgroupTaskFlags (rhbz#1689297)\n- vircgroup: introduce virCgroupAddThread (rhbz#1689297)\n- vircgroupmock: cleanup unused cgroup files (rhbz#1689297)\n- vircgroupmock: rewrite cgroup fopen mocking (rhbz#1689297)\n- vircgrouptest: call virCgroupDetectMounts directly (rhbz#1689297)\n- vircgrouptest: call virCgroupNewSelf instead virCgroupDetectMounts (rhbz#1689297)\n- util: introduce vircgroupbackend files (rhbz#1689297)\n- vircgroup: introduce cgroup v1 backend files (rhbz#1689297)\n- vircgroup: extract virCgroupV1Available (rhbz#1689297)\n- vircgroup: detect available backend for cgroup (rhbz#1689297)\n- vircgroup: extract virCgroupV1ValidateMachineGroup (rhbz#1689297)\n- vircgroup: extract virCgroupV1CopyMounts (rhbz#1689297)\n- vircgroup: extract v1 detect functions (rhbz#1689297)\n- vircgroup: extract virCgroupV1CopyPlacement (rhbz#1689297)\n- vircgroup: extract virCgroupV1ValidatePlacement (rhbz#1689297)\n- vircgroup: extract virCgroupV1StealPlacement (rhbz#1689297)\n- vircgroup: extract virCgroupV1DetectControllers (rhbz#1689297)\n- vircgroup: extract virCgroupV1HasController (rhbz#1689297)\n- vircgroup: extract virCgroupV1GetAnyController (rhbz#1689297)\n- vircgroup: extract virCgroupV1PathOfController (rhbz#1689297)\n- vircgroup: extract virCgroupV1MakeGroup (rhbz#1689297)\n- vircgroup: extract virCgroupV1Remove (rhbz#1689297)\n- vircgroup: extract virCgroupV1AddTask (rhbz#1689297)\n- vircgroup: extract virCgroupV1HasEmptyTasks (rhbz#1689297)\n- vircgroup: extract virCgroupV1BindMount (rhbz#1689297)\n- vircgroup: extract virCgroupV1SetOwner (rhbz#1689297)\n- vircgroup: extract virCgroupV1(Set|Get)BlkioWeight (rhbz#1689297)\n- vircgroup: extract virCgroupV1GetBlkioIoServiced (rhbz#1689297)\n- vircgroup: extract virCgroupV1GetBlkioIoDeviceServiced (rhbz#1689297)\n- vircgroup: extract virCgroupV1(Set|Get)BlkioDeviceWeight (rhbz#1689297)\n- vircgroup: extract virCgroupV1(Set|Get)BlkioDeviceReadIops (rhbz#1689297)\n- vircgroup: extract virCgroupV1(Set|Get)BlkioDeviceWriteIops (rhbz#1689297)\n- vircgroup: extract virCgroupV1(Set|Get)BlkioDeviceReadBps (rhbz#1689297)\n- vircgroup: extract virCgroupV1(Set|Get)BlkioDeviceWriteBps (rhbz#1689297)\n- vircgroup: extract virCgroupV1SetMemory (rhbz#1689297)\n- vircgroup: extract virCgroupV1GetMemoryStat (rhbz#1689297)\n- vircgroup: extract virCgroupV1GetMemoryUsage (rhbz#1689297)\n- vircgroup: extract virCgroupV1(Set|Get)Memory*Limit (rhbz#1689297)\n- vircgroup: extract virCgroupV1GetMemSwapUsage (rhbz#1689297)\n- vircgroup: extract virCgroupV1(Allow|Deny)Device (rhbz#1689297)\n- vircgroup: extract virCgroupV1(Allow|Deny)AllDevices (rhbz#1689297)\n- vircgroup: extract virCgroupV1(Set|Get)CpuShares (rhbz#1689297)\n- vircgroup: extract virCgroupV1(Set|Get)CpuCfsPeriod (rhbz#1689297)\n- vircgroup: extract virCgroupV1(Set|Get)CpuCfsQuota (rhbz#1689297)\n- vircgroup: extract virCgroupV1SupportsCpuBW (rhbz#1689297)\n- vircgroup: extract virCgroupV1GetCpuacct*Usage (rhbz#1689297)\n- vircgroup: extract virCgroupV1GetCpuacctStat (rhbz#1689297)\n- vircgroup: extract virCgroupV1(Set|Get)FreezerState (rhbz#1689297)\n- vircgroup: extract virCgroupV1(Set|Get)CpusetMems (rhbz#1689297)\n- vircgroup: extract virCgroupV1(Set|Get)CpusetMemoryMigrate (rhbz#1689297)\n- vircgroup: extract virCgroupV1(Set|Get)CpusetCpus (rhbz#1689297)\n- vircgroup: rename virCgroupController into virCgroupV1Controller (rhbz#1689297)\n- vircgroup: rename controllers to legacy (rhbz#1689297)\n- vircgroup: remove VIR_CGROUP_SUPPORTED (rhbz#1689297)\n- vircgroup: include system headers only on linux (rhbz#1689297)\n- vircgroupv1: fix build on non-linux OSes (rhbz#1689297)\n- Revert 'vircgroup: cleanup controllers not managed by systemd on error' (rhbz#1689297)\n- util: introduce cgroup v2 files (rhbz#1689297)\n- vircgroup: introduce virCgroupV2Available (rhbz#1689297)\n- vircgroup: introduce virCgroupV2ValidateMachineGroup (rhbz#1689297)\n- vircgroup: introduce virCgroupV2CopyMounts (rhbz#1689297)\n- vircgroup: introduce virCgroupV2CopyPlacement (rhbz#1689297)\n- vircgroup: introduce virCgroupV2DetectMounts (rhbz#1689297)\n- vircgroup: introduce virCgroupV2DetectPlacement (rhbz#1689297)\n- vircgroup: introduce virCgroupV2ValidatePlacement (rhbz#1689297)\n- vircgroup: introduce virCgroupV2StealPlacement (rhbz#1689297)\n- vircgroup: introduce virCgroupV2DetectControllers (rhbz#1689297)\n- vircgroup: introduce virCgroupV2HasController (rhbz#1689297)\n- vircgroup: introduce virCgroupV2GetAnyController (rhbz#1689297)\n- vircgroup: introduce virCgroupV2PathOfController (rhbz#1689297)\n- vircgroup: introduce virCgroupV2MakeGroup (rhbz#1689297)\n- vircgroup: introduce virCgroupV2Remove (rhbz#1689297)\n- vircgroup: introduce virCgroupV2AddTask (rhbz#1689297)\n- vircgroup: introduce virCgroupV2HasEmptyTasks (rhbz#1689297)\n- vircgroup: introduce virCgroupV2BindMount (rhbz#1689297)\n- vircgroup: introduce virCgroupV2SetOwner (rhbz#1689297)\n- vircgroup: introduce virCgroupV2(Set|Get)BlkioWeight (rhbz#1689297)\n- vircgroup: introduce virCgroupV2GetBlkioIoServiced (rhbz#1689297)\n- vircgroup: introduce virCgroupV2GetBlkioIoDeviceServiced (rhbz#1689297)\n- vircgroup: introduce virCgroupV2(Set|Get)BlkioDeviceWeight (rhbz#1689297)\n- vircgroup: introduce virCgroupV2(Set|Get)BlkioDeviceReadIops (rhbz#1689297)\n- vircgroup: introduce virCgroupV2(Set|Get)BlkioDeviceWriteIops (rhbz#1689297)\n- vircgroup: introduce virCgroupV2(Set|Get)BlkioDeviceReadBps (rhbz#1689297)\n- vircgroup: introduce virCgroupV2(Set|Get)BlkioDeviceWriteBps (rhbz#1689297)\n- vircgroup: introduce virCgroupV2SetMemory (rhbz#1689297)\n- vircgroup: introduce virCgroupV2GetMemoryStat (rhbz#1689297)\n- vircgroup: introduce virCgroupV2GetMemoryUsage (rhbz#1689297)\n- vircgroup: introduce virCgroupV2(Set|Get)MemoryHardLimit (rhbz#1689297)\n- vircgroup: introduce virCgroupV2(Set|Get)MemorySoftLimit (rhbz#1689297)\n- vircgroup: introduce virCgroupV2(Set|Get)MemSwapHardLimit (rhbz#1689297)\n- vircgroup: introduce virCgroupV2GetMemSwapUsage (rhbz#1689297)\n- vircgroup: introduce virCgroupV2(Set|Get)CpuShares (rhbz#1689297)\n- vircgroup: introduce virCgroupV2(Set|Get)CpuCfsPeriod (rhbz#1689297)\n- vircgroup: introduce virCgroupV2(Set|Get)CpuCfsQuota (rhbz#1689297)\n- vircgroup: introduce virCgroupV2SupportsCpuBW (rhbz#1689297)\n- vircgroup: introduce virCgroupV2GetCpuacctUsage (rhbz#1689297)\n- vircgroup: introduce virCgroupV2GetCpuacctStat (rhbz#1689297)\n- vircgroup: register cgroup v2 backend (rhbz#1689297)\n- vircgroup: add support for hybrid configuration (rhbz#1689297)\n- vircgroupmock: change cgroup prefix (rhbz#1689297)\n- vircgroupmock: add support to test cgroup v2 (rhbz#1689297)\n- vircgrouptest: introduce initFakeFS and cleanupFakeFS helpers (rhbz#1689297)\n- vircgrouptest: prepare testCgroupDetectMounts for cgroup v2 (rhbz#1689297)\n- vircgrouptest: add detect mounts test for cgroup v2 (rhbz#1689297)\n- vircgrouptest: add detect mounts test for hybrid cgroups (rhbz#1689297)\n- vircgrouptest: prepare validateCgroup for cgroupv2 (rhbz#1689297)\n- vircgrouptest: add cgroup v2 tests (rhbz#1689297)\n- vircgrouptest: add hybrid tests (rhbz#1689297)\n- virt-host-validate: rewrite cgroup detection to use util/vircgroup (rhbz#1689297)\n- virt-host-validate: require freezer for LXC (rhbz#1689297)\n- virt-host-validate: Fix build on non-Linux (rhbz#1689297)\n- tests: Use correct function name in error path (rhbz#1689297)\n- util: Fix virCgroupGetMemoryStat (rhbz#1689297)\n- tests: Augment vcgrouptest to add virCgroupGetMemoryStat (rhbz#1689297)\n- vircgroup: introduce virCgroupKillRecursiveCB (rhbz#1689297)\n- vircgroupv2: fix virCgroupV2ValidateMachineGroup (rhbz#1689297)\n- util: implement virCgroupV2(Set|Get)CpusetMems (rhbz#1689297)\n- util: implement virCgroupV2(Set|Get)CpusetMemoryMigrate (rhbz#1689297)\n- util: implement virCgroupV2(Set|Get)CpusetCpus (rhbz#1689297)\n- util: enable cgroups v2 cpuset controller for threads (rhbz#1689297)\n- util: vircgroup: pass parent cgroup into virCgroupDetectControllersCB (rhbz#1689297)\n- internal: introduce a family of NULLSTR macros (rhbz#1689297)\n- util: vircgroup: improve controller detection (rhbz#1689297)\n- util: vircgroupv2: use any controller to create thread directory (rhbz#1689297)\n- util: vircgroupv2: enable CPU controller only if it's available (rhbz#1689297)\n- util: vircgroupv2: separate return values of virCgroupV2EnableController (rhbz#1689297)\n- util: vircgroupv2: don't error out if enabling controller fails (rhbz#1689297)\n- util: vircgroupv2: mark only requested controllers as available (rhbz#1689297)\n- Revert 'util: vircgroup: pass parent cgroup into virCgroupDetectControllersCB' (rhbz#1689297)\n- util: vircgroupv2: stop enabling missing controllers with systemd (rhbz#1689297)\n[4.5.0-28]\n- Rebuild all virt packages to fix RHEL's upgrade path\n- Resolves: rhbz#1695587\n (Ensure modular RPM upgrade path)\n[4.5.0-27]\n- RHEL: spec: Disable gluster on i686 (rhbz#1722668)\n- rpc: virnetlibsshsession: update deprecated functions (rhbz#1722735)\n[4.5.0-26]\n- api: disallow virDomainSaveImageGetXMLDesc on read-only connections (CVE-2019-10161)\n- api: disallow virDomainManagedSaveDefineXML on read-only connections (CVE-2019-10166)\n- api: disallow virConnectGetDomainCapabilities on read-only connections (CVE-2019-10167)\n- api: disallow virConnect*HypervisorCPU on read-only connections (CVE-2019-10168)\n[4.5.0-25]\n- admin: reject clients unless their UID matches the current UID (CVE-2019-10132)\n- locking: restrict sockets to mode 0600 (CVE-2019-10132)\n- logging: restrict sockets to mode 0600 (CVE-2019-10132)\n- util: skip RDMA detection for non-PCI network devices (rhbz#1693299)\n- virfile: Detect ceph as shared FS (rhbz#1698133)\n- virfile: added GPFS as shared fs (rhbz#1698133)\n- util: bitmap: define cleanup function using VIR_DEFINE_AUTOPTR_FUNC (rhbz#1716943)\n- qemu: Rework setting process affinity (rhbz#1716943)\n- qemu: Set up EMULATOR thread and cpuset.mems before exec()-ing qemu (rhbz#1716943)\n- conf: Add definitions for 'uid' and 'fid' PCI address attributes (rhbz#1508149)\n- qemu: Introduce zPCI capability (rhbz#1508149)\n- qemu: Enable PCI multi bus for S390 guests (rhbz#1508149)\n- conf: Introduce extension flag and zPCI member for PCI address (rhbz#1508149)\n- conf: Introduce address caching for PCI extensions (rhbz#1508149)\n- qemu: Auto add pci-root for s390/s390x guests (rhbz#1508149)\n- conf: use virXMLFormatElement() in virDomainDeviceInfoFormat() (rhbz#1508149)\n- conf: Introduce parser, formatter for uid and fid (rhbz#1508149)\n- qemu: Add zPCI address definition check (rhbz#1508149)\n- conf: Allocate/release 'uid' and 'fid' in PCI address (rhbz#1508149)\n- qemu: Generate and use zPCI device in QEMU command line (rhbz#1508149)\n- qemu: Add hotpluging support for PCI devices on S390 guests (rhbz#1508149)\n- qemuDomainRemoveRNGDevice: Remove associated chardev too (rhbz#1508149)\n- qemu_hotplug: remove erroneous call to qemuDomainDetachExtensionDevice() (rhbz#1508149)\n- qemu_hotplug: remove another erroneous qemuDomainDetachExtensionDevice() call (rhbz#1508149)\n- util: Propagate numad failures correctly (rhbz#1716907)\n- util: Introduce virBitmapUnion() (rhbz#1716908)\n- util: Introduce virNumaNodesetToCPUset() (rhbz#1716908)\n- qemu: Fix qemuProcessInitCpuAffinity() (rhbz#1716908)\n- qemu: Fix leak in qemuProcessInitCpuAffinity() (rhbz#1716908)\n- qemu: Drop cleanup label from qemuProcessInitCpuAffinity() (rhbz#1716908)\n- qemu: Fix NULL pointer access in qemuProcessInitCpuAffinity() (rhbz#1716908)\n- qemuBuildMemoryBackendProps: Pass @priv instead of its individual members (rhbz#1624223)\n- qemu: Don't use -mem-prealloc among with .prealloc=yes (rhbz#1624223)\n- nwfilter: fix adding std MAC and IP values to filter binding (rhbz#1691356)\n- qemuProcessBuildDestroyMemoryPathsImpl: Don't overwrite error (rhbz#1658112)\n- qemu_security: Fully implement qemuSecurityDomainSetPathLabel (rhbz#1658112)\n- qemu: process: SEV: Assume libDir to be the directory to create files in (rhbz#1658112)\n- qemu: process: SEV: Relabel guest owner's SEV files created before start (rhbz#1658112)\n[4.5.0-24]\n- tests: qemuxml2argv: add CAPS_ARCH_LATEST macro (rhbz#1698855)\n- qemu: Add ccw support for vhost-vsock (rhbz#1698855)\n- qemu: Allow creating ppc64 guests with graphics and no USB mouse (rhbz#1683681)\n- conf: Expose virDomainSCSIDriveAddressIsUsed (rhbz#1692354)\n- qemuhotplugtest: Don't plug a SCSI disk at unit 7 (rhbz#1692354)\n- qemu_hotplug: Check for duplicate drive addresses (rhbz#1692354)\n- cpu_map: Add support for cldemote CPU feature (rhbz#1537731)\n- util: alloc: add macros for implementing automatic cleanup functionality (rhbz#1505998)\n- qemu: domain: Simplify non-VFIO memLockLimit calculation for PPC64 (rhbz#1505998)\n- qemu_domain: add a PPC64 memLockLimit helper (rhbz#1505998)\n- qemu_domain: NVLink2 bridge detection function for PPC64 (rhbz#1505998)\n- PPC64 support for NVIDIA V100 GPU with NVLink2 passthrough (rhbz#1505998)\n- cpu_x86: Do not cache microcode version (CVE-2018-12127, CVE-2019-11091, CVE-2018-12126, CVE-2018-12130)\n- qemu: Don't cache microcode version (CVE-2018-12127, CVE-2019-11091, CVE-2018-12126, CVE-2018-12130)\n- cputest: Add data for Intel(R) Xeon(R) CPU E3-1225 v5 (CVE-2018-12127, CVE-2019-11091, CVE-2018-12126, CVE-2018-12130)\n- cpu_map: Define md-clear CPUID bit (CVE-2018-12127, CVE-2019-11091, CVE-2018-12126, CVE-2018-12130)\n[4.5.0-23]\n- network: explicitly allow icmp/icmpv6 in libvirt zonefile (rhbz#1650320)\n[4.5.0-22]\n- util: fix memory leak in virFirewallDInterfaceSetZone() (rhbz#1650320)\n[4.5.0-21]\n- docs: Drop /dev/net/tun from the list of shared devices (rhbz#1665400)\n- qemu: conf: Remove /dev/sev from the default cgroup device acl list (rhbz#1665400)\n- qemu: cgroup: Expose /dev/sev/ only to domains that require SEV (rhbz#1665400)\n- qemu: domain: Add /dev/sev into the domain mount namespace selectively (rhbz#1665400)\n- security: dac: Relabel /dev/sev in the namespace (rhbz#1665400)\n- qemu: caps: Use CAP_DAC_OVERRIDE for probing to avoid permission issues (rhbz#1665400)\n- qemu: caps: Don't try to ask for CAP_DAC_OVERRIDE if non-root (rhbz#1665400)\n- Revert 'RHEL: Require firewalld-filesystem for firewalld rpm macros' (rhbz#1650320)\n- Revert 'RHEL: network: regain guest network connectivity after firewalld switch to nftables' (rhbz#1650320)\n- configure: change HAVE_FIREWALLD to WITH_FIREWALLD (rhbz#1650320)\n- util: move all firewalld-specific stuff into its own files (rhbz#1650320)\n- util: new virFirewallD APIs + docs (rhbz#1650320)\n- configure: selectively install a firewalld 'libvirt' zone (rhbz#1650320)\n- network: set firewalld zone of bridges to 'libvirt' zone when appropriate (rhbz#1650320)\n- network: allow configuring firewalld zone for virtual network bridge device (rhbz#1650320)\n- util: remove test code accidentally committed to virFirewallDZoneExists (rhbz#1650320)\n- qemu: command: Don't skip 'readonly' and throttling info for empty drive (rhbz#1670337)\n[4.5.0-20]\n- RHEL: qemu: Fix crash trying to use iSCSI hostdev (rhbz#1669424)\n[4.5.0-19]\n- qemu: Fix logic error in qemuSetUnprivSGIO (rhbz#1666605)\n- tests: qemuxml2argv: Add test case for empty CDROM with cache mode (rhbz#1553255)\n- qemu: command: Don't format image properties for empty -drive (rhbz#1553255)\n[4.5.0-18]\n- conf: correct false boot order error during domain parse (rhbz#1630393)\n- qemu: Remove duplicated qemuAgentCheckError (rhbz#1665000)\n- qemu: require reply from guest agent in qemuAgentGetInterfaces (rhbz#1665000)\n- qemu: Filter non SCSI hostdevs in qemuHostdevPrepareSCSIDevices (rhbz#1665244)\n- util: remove const specifier from nlmsghdr arg to virNetlinkDumpCallback() (rhbz#1583131)\n- util: add a function to insert new interfaces to IPv6CheckForwarding list (rhbz#1583131)\n- util: use nlmsg_find_attr() instead of an open-coded loop (rhbz#1583131)\n- util: check accept_ra for all nexthop interfaces of multipath routes (rhbz#1583131)\n- util: make forgotten changes suggested during review of commit d40b820c (rhbz#1583131)\n[4.5.0-17]\n- virsh: Strip XML declaration when extracting CPU XMLs (rhbz#1659048)\n- RHEL: qemu: Add ability to set sgio values for hostdev (rhbz#1582424)\n- RHEL: qemu: Add check for unpriv sgio for SCSI generic host device (rhbz#1582424)\n- qemu: Alter @val usage in qemuSetUnprivSGIO (rhbz#1656362)\n- qemu: Alter qemuSetUnprivSGIO hostdev shareable logic (rhbz#1656362)\n[4.5.0-16]\n- util: Don't overflow in virRandomBits (rhbz#1655586)\n- virrandom: Avoid undefined behaviour in virRandomBits (rhbz#1655586)\n- spec: remove libcgroup and cgconfig (rhbz#1602407)\n- qemu: Drop duplicated code from qemuDomainDefValidateFeatures() (rhbz#1647822)\n- tests: Add capabilities data for QEMU 3.1.0 on ppc64 (rhbz#1647822)\n- qemu: Introduce QEMU_CAPS_MACHINE_PSERIES_CAP_NESTED_HV (rhbz#1647822)\n- conf: Parse and format nested-hv feature (rhbz#1647822)\n- qemu: Format nested-hv feature on the command line (rhbz#1647822)\n- qemu: Add check for whether KVM nesting is enabled (rhbz#1645139)\n- secret: Add check/validation for correct usage when LookupByUUID (rhbz#1656255)\n- cpu: Add support for 'stibp' x86_64 feature (rhbz#1655032)\n[4.5.0-15]\n- virfile: Take symlink into account in virFileIsSharedFixFUSE (rhbz#1634782)\n- qemu: Ignore nwfilter binding instantiation issues during reconnect (rhbz#1648544)\n- qemu: Set identity for the reconnect all thread (rhbz#1648546)\n- Revert 'access: Modify the VIR_ERR_ACCESS_DENIED to include driverName' (rhbz#1631608)\n- access: Modify the VIR_ERR_ACCESS_DENIED to include driverName (rhbz#1631608)\n- qemu: add vfio-ap capability (rhbz#1508146)\n- qemu: vfio-ap device support (rhbz#1508146)\n- qemu: Extract MDEV VFIO PCI validation code into a separate helper (rhbz#1508146)\n- conf: Move VFIO AP validation from post parse to QEMU validation code (rhbz#1508146)\n- qemu: Fix post-copy migration on the source (rhbz#1649169)\n[4.5.0-14]\n- storage: Remove secretPath from _virStorageBackendQemuImgInfo (rhbz#1645459)\n- storage: Allow for inputvol to have any format for encryption (rhbz#1645459)\n- storage: Allow inputvol to be encrypted (rhbz#1645459)\n- access: Modify the VIR_ERR_ACCESS_DENIED to include driverName (rhbz#1631608)\n- docs: Enhance polkit documentation to describe secondary connection (rhbz#1631608)\n- qemu: Don't ignore resume events (rhbz#1634758, rhbz#1643338)\n[4.5.0-13]\n- Revert 'spec: Temporarily drop gluster support' (rhbz#1599339)\n[4.5.0-12]\n- RHEL: Require firewalld-filesystem for firewalld rpm macros (rhbz#1639932)\n[4.5.0-11]\n- virfile: fix cast-align error (rhbz#1634782)\n- virfiletest: Fix test name prefix for virFileInData test (rhbz#1634782)\n- virfiletst: Test virFileIsSharedFS (rhbz#1634782)\n- virFileIsSharedFSType: Detect direct mount points (rhbz#1634782)\n- virfile: Rework virFileIsSharedFixFUSE (rhbz#1634782)\n- RHEL: network: regain guest network connectivity after firewalld switch to nftables (rhbz#1638864)\n[4.5.0-10]\n- conf: Fix check for chardev source path (rhbz#1609723)\n- tests: Reuse qemucapabilities data for qemucaps2xml (rhbz#1629862)\n- tests: Add more tests to qemucaps2xml (rhbz#1629862)\n- qemu: Drop QEMU_CAPS_ENABLE_KVM (rhbz#1629862)\n- qemu: Avoid probing non-native binaries all the time (rhbz#1629862)\n- qemu: Clarify QEMU_CAPS_KVM (rhbz#1629862)\n- qemu: Don't check for /dev/kvm presence (rhbz#1629862)\n- tests: Follow up on qemucaps2xmldata rename (rhbz#1629862)\n- security: dac: also label listen UNIX sockets (rhbz#1634775)\n- spec: Set correct TLS priority (rhbz#1632269)\n- spec: Build ceph and gluster support everywhere (rhbz#1599546)\n- virsh: Require explicit --domain for domxml-to-native (rhbz#1634769)\n- virFileIsSharedFSType: Check for fuse.glusterfs too (rhbz#1634782)\n- qemu: fix up permissions for pre-created UNIX sockets (rhbz#1634775)\n- cpu_map: Add features for Icelake CPUs (rhbz#1527657, rhbz#1526625)\n- cpu_map: Add Icelake CPU models (rhbz#1526625)\n- qemu: Properly report VIR_DOMAIN_EVENT_RESUMED_FROM_SNAPSHOT (rhbz#1634758)\n- qemu: Report more appropriate running reasons (rhbz#1634758)\n- qemu: Pass running reason to RESUME event handler (rhbz#1634758)\n- qemu: Map running reason to resume event detail (rhbz#1634758)\n- qemu: Avoid duplicate resume events and state changes (rhbz#1634758)\n- conf: qemu: add support for Hyper-V frequency MSRs (rhbz#1589702)\n- conf: qemu: add support for Hyper-V reenlightenment notifications (rhbz#1589702)\n- conf: qemu: add support for Hyper-V PV TLB flush (rhbz#1589702)\n[4.5.0-9]\n- RHEL: Fix virConnectGetMaxVcpus output (rhbz#1582222)\n- storage: Add --shrink to qemu-img command when shrinking vol (rhbz#1622534)\n- access: Fix nwfilter-binding ACL access API name generation (rhbz#1622540)\n- conf: Add validation of input devices (rhbz#1591240)\n- tests: qemu: Remove disk from graphics-vnc-tls (rhbz#1598167)\n- tests: qemu: test more versions for graphics-vnc-tls (rhbz#1598167)\n- qemu: vnc: switch to tls-creds-x509 (rhbz#1598167)\n- qemu: mdev: Use vfio-pci 'display' property only with vfio-pci mdevs (rhbz#1624740)\n- virDomainDefCompatibleDevice: Relax alias change check (rhbz#1603133)\n- virDomainDetachDeviceFlags: Clarify update semantics (rhbz#1603133)\n- virDomainNetDefCheckABIStability: Check for MTU change too (rhbz#1623158)\n- RHEL: spec: Require python3-devel on RHEL-8 (rhbz#1518446)\n- qemu: monitor: Remove qemuMonitorJSONExtractCPUArchInfo wrapper (rhbz#1598829)\n- qemu: monitor: Use 'target' instead of 'arch' in reply of 'query-cpus-fast' (rhbz#1598829)\n[4.5.0-8]\n- tests: Add missing thread_siblings_list files (rhbz#1608479)\n- util: Rewrite virHostCPUCountThreadSiblings() (rhbz#1608479)\n- utils: Remove arbitrary limit on socket_id/core_id (rhbz#1608479)\n- tests: Add linux-high-ids test (rhbz#1608479)\n- qemu: hotplug: Fix asynchronous unplug of 'shmem' (rhbz#1618680)\n- tests: rename hugepages to hugepages-default (rhbz#1615461)\n- tests: extract hugepages-numa-default-dimm out of hugepages-numa (rhbz#1615461)\n- tests: rename hugepages-numa into hugepages-numa-default (rhbz#1615461)\n- tests: remove unnecessary XML elements from hugepages-numa-default (rhbz#1615461)\n- tests: extract pages-discard out of hugepages-pages (rhbz#1615461)\n- tests: rename hugepages-pages into hugepages-numa-nodeset (rhbz#1615461)\n- tests: rename hugepages-pages2 into hugepages-numa-default-2M (rhbz#1615461)\n- tests: extract pages-discard-hugepages out of hugepages-pages3 (rhbz#1615461)\n- tests: rename hugepages-pages3 into hugepages-numa-nodeset-part (rhbz#1615461)\n- tests: rename hugepages-pages4 into hugepages-numa-nodeset-nonexist (rhbz#1615461)\n- tests: rename hugepages-pages5 into hugepages-default-2M (rhbz#1615461)\n- tests: rename hugepages-pages6 into hugepages-default-system-size (rhbz#1615461)\n- tests: rename hugepages-pages7 into pages-dimm-discard (rhbz#1615461)\n- tests: rename hugepages-pages8 into hugepages-nodeset-nonexist (rhbz#1615461)\n- tests: introduce hugepages-default-1G-nodeset-2M (rhbz#1615461)\n- tests: introduce hugepages-nodeset (rhbz#1615461)\n- conf: Move hugepage XML validation check out of qemu_command (rhbz#1615461)\n- conf: Move hugepages validation out of XML parser (rhbz#1615461)\n- conf: Introduce virDomainDefPostParseMemtune (rhbz#1615461)\n- tests: sev: Test launch-security with specific QEMU version (rhbz#1619150)\n- qemu: Fix probing of AMD SEV support (rhbz#1619150)\n- qemu: caps: Format SEV platform data into qemuCaps cache (rhbz#1619150)\n- conf: Parse guestfwd channel device info again (rhbz#1610072)\n[4.5.0-7]\n- qemu_migration: Avoid writing to freed memory (rhbz#1615854)\n[4.5.0-6]\n- qemu: Exempt video model 'none' from getting a PCI address on Q35\n- conf: Fix a error msg typo in virDomainVideoDefValidate\n[4.5.0-5]\n- esx storage: Fix typo lsilogic -> lsiLogic\n- networkGetDHCPLeases: Don't always report error if unable to read leases file\n- nwfilter: Resolve SEGV for NWFilter Snoop processing\n- qemu: Remove unused bypassSecurityDriver from qemuOpenFileAs\n- qemuDomainSaveMemory: Don't enforce dynamicOwnership\n- domain_nwfilter: Return early if net has no name in virDomainConfNWFilterTeardownImpl\n- examples: Add clean-traffic-gateway into nwfilters\n[4.5.0-4]\n- qemu: hotplug: don't overwrite error message in qemuDomainAttachNetDevice\n- qemu: hotplug: report error when changing rom enabled attr for net iface\n- qemu: Fix setting global_period cputune element\n- tests: qemucaps: Add test data for upcoming qemu 3.0.0\n- qemu: capabilities: Add capability for werror/rerror for 'usb-device' frontend\n- qemu: command: Move graphics iteration to its own function\n- qemu: address: Handle all the video devices within a single loop\n- conf: Introduce virDomainVideoDefClear helper\n- conf: Introduce virDomainDefPostParseVideo helper\n- qemu: validate: Enforce compile time switch type checking for videos\n- tests: Add capabilities data for QEMU 2.11 x86_64\n- tests: Update capabilities data for QEMU 3.0.0 x86_64\n- qemu: qemuBuildHostdevCommandLine: Use a helper variable mdevsrc\n- qemu: caps: Introduce a capability for egl-headless\n- qemu: Introduce a new graphics display type 'headless'\n- qemu: caps: Add vfio-pci.display capability\n- conf: Introduce virDomainGraphicsDefHasOpenGL helper\n- conf: Replace 'error' with 'cleanup' in virDomainHostdevDefParseXMLSubsys\n- conf: Introduce new \n attribute 'display'\n- qemu: command: Enable formatting vfio-pci.display option onto cmdline\n- docs: Rephrase the mediated devices hostdev section a bit\n- conf: Introduce new video type 'none'\n- virt-xml-validate: Add schema for nwfilterbinding\n- tools: Fix typo generating adapter_wwpn field\n- src: Fix memory leak in virNWFilterBindingDispose\n[4.5.0-3]\n- qemu: hotplug: Do not try to add secret object for TLS if it does not exist\n- qemu: monitor: Make qemuMonitorAddObject more robust against programming errors\n- spec: Explicitly require matching libvirt-libs\n- virDomainConfNWFilterInstantiate: initialize @xml to avoid random crash\n- qemuProcessStartPRDaemonHook: Try to set NS iff domain was started with one\n- qemuDomainValidateStorageSource: Relax PR validation\n- virStoragePRDefFormat: Suppress path formatting for migratable XML\n- qemu: Wire up PR_MANAGER_STATUS_CHANGED event\n- qemu_monitor: Introduce qemuMonitorJSONGetPRManagerInfo\n- qemu: Fetch pr-helper process info on reconnect\n- qemu: Fix ATTRIBUTE_NONNULL for qemuMonitorAddObject\n- virsh.pod: Fix a command name typo in nwfilter-binding-undefine\n- docs: schema: Add missing \n to vsock device\n- virnetdevtap: Don't crash on !ifname in virNetDevTapInterfaceStats\n- tests: fix TLS handshake failure with TLS 1.3\n[4.5.0-2]\n- qemu: Add capability for the HTM pSeries feature\n- conf: Parse and format the HTM pSeries feature\n- qemu: Format the HTM pSeries feature\n- qemu: hotplug: Don't access srcPriv when it's not allocated\n- qemuDomainNestedJobAllowed: Allow QEMU_JOB_NONE\n- src: Mention DEVICE_REMOVAL_FAILED event in virDomainDetachDeviceAlias docs\n- virsh.pod: Drop --persistent for detach-device-alias\n- qemu: don't use chardev FD passing with standalone args\n- qemu: remove chardevStdioLogd param from vhostuser code path\n- qemu: consolidate parameters of qemuBuildChrChardevStr into flags\n- qemu: don't use chardev FD passing for vhostuser backend\n- qemu: fix UNIX socket chardevs operating in client mode\n- qemuDomainDeviceDefValidateNetwork: Check for range only if IP prefix set\n- spec: Temporarily drop gluster support\n[4.5.0-1]\n- Rebased to libvirt-4.5.0\n[4.3.0-1]\n- Rebased to libvirt-4.3.0\n[4.1.0-2]\n- Fix systemd macro argument with line continuations (rhbz#1558648)\n[4.1.0-1]\n- Rebase to version 4.1.0\n[4.0.0-2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild\n[4.0.0-1]\n- Rebase to version 4.0.0\n[3.10.0-2]\n- Rebuild for xen 4.10\n[3.10.0-1]\n- Rebase to version 3.10.0\n[3.9.0-1]\n- Rebase to version 3.9.0\n[3.8.0-1]\n- Rebase to version 3.8.0\n[3.7.0-1]\n- Rebase to version 3.7.0\n[3.6.0-1]\n- Rebase to version 3.6.0\n[3.5.0-4]\n- Rebuild with binutils fix for ppc64le (#1475636)\n[3.5.0-3]\n- Disabled RBD on i386, arm, ppc64 (rhbz #1474743)\n[3.5.0-2]\n- Rebuild for xen 4.9\n[3.5.0-1]\n- Rebase to version 3.5.0\n[3.4.0-1]\n- Rebase to version 3.4.0\n[3.3.0-1]\n- Rebase to version 3.3.0\n[3.2.0-1]\n- Rebase to version 3.2.0\n[3.1.0-1]\n- Rebase to version 3.1.0\n[3.0.0-2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild\n[3.0.0-1]\n- Rebase to version 3.0.0\nlibvirt-dbus\nlibvirt-python\nnbdkit\nnetcf\n[0.2.8-12]\n- Resolves: rhbz#1602628\nperl-Sys-Virt\nqemu-kvm\n[2.12.0-88.0.1.el8_1_0.2]\n- Added bug30251155-remove-upstream-reference [Orabug: 30251155]\n[2.12.0-88.el8_1_0.2]\n- kvm-target-i386-Export-TAA_NO-bit-to-guests.patch [bz#1771970]\n- kvm-target-i386-add-support-for-MSR_IA32_TSX_CTRL.patch [bz#1771970]\n- Resolves: bz#1771970\n (CVE-2019-11135 virt:rhel/qemu-kvm: hw: TSX Transaction Asynchronous Abort (TAA) [rhel-8.1.0.z])\n[2.12.0-88.el8_1_0.1]\n- kvm-s390-PCI-fix-IOMMU-region-init.patch [bz#1764829]\n- Resolves: bz#1764829\n (RHEL8.1 Snapshot3 - Passthrough PCI card goes into error state if used in domain (kvm) [rhel-8.1.0.z])\n[2.12.0-88.el8]\n- Revert fix for bz#1749724 - this got delayed to 8.2\n (CVE-2019-15890 qemu-kvm: QEMU: Slirp: use-after-free during packet reassembly [rhel-8])\n[2.12.0-86.el8]\n- kvm-Do-not-run-iotests-on-brew-build.patch [bz#1742819]\n- kvm-target-ppc-spapr-Add-workaround-option-to-SPAPR_CAP_.patch [bz#1744415]\n- kvm-target-ppc-spapr-Add-SPAPR_CAP_CCF_ASSIST.patch [bz#1744415]\n- kvm-i386-x86_cpu_list_feature_names-function.patch [bz#1747185]\n- kvm-i386-unavailable-features-QOM-property.patch [bz#1747185]\n- kvm-file-posix-Handle-undetectable-alignment.patch [bz#1738839]\n- kvm-iotests-Tweak-221-sizing-for-different-hole-granular.patch [bz#1738839]\n- kvm-iotests-Filter-175-s-allocation-information.patch [bz#1738839]\n- kvm-block-posix-Always-allocate-the-first-block.patch [bz#1738839]\n- kvm-iotests-Test-allocate_first_block-with-O_DIRECT.patch [bz#1738839]\n- Resolves: bz#1738839\n (I/O error when virtio-blk disk is backed by a raw image on 4k disk)\n- Resolves: bz#1742819\n (Remove iotests from qemu-kvm builds [RHEL 8.1.0])\n- Resolves: bz#1744415\n (Backport support for count cache flush Spectre v2 mitigation [slow train])\n- Resolves: bz#1747185\n ('filtered-features' QOM property is not available)\n[2.12.0-85.el8]\n- kvm-console-Avoid-segfault-in-screendump.patch [bz#1684383]\n- kvm-usb-hub-clear-suspend-on-detach.patch [bz#1619661]\n- kvm-qemu-img-fix-regression-copying-secrets-during-conve.patch [bz#1727821]\n- Resolves: bz#1619661\n (the attach hub on one hub still exits in device manager after unhotplug)\n- Resolves: bz#1684383\n (qemu crashed when take screenshot for 2nd head of virtio video device if the display not opened by virt-viewer)\n- Resolves: bz#1727821\n (Failed to convert a source image to the qcow2 image encrypted by luks)\n[2.12.0-84.el8]\n- kvm-vnc-detect-and-optimize-pageflips.patch [bz#1727033]\n- kvm-block-backend-Make-blk_inc-dec_in_flight-public.patch [bz#1716349]\n- kvm-virtio-blk-Increase-in_flight-for-request-restart-BH.patch [bz#1716349]\n- kvm-block-Fix-AioContext-switch-for-drained-node.patch [bz#1716349]\n- kvm-test-bdrv-drain-AioContext-switch-in-drained-section.patch [bz#1716349]\n- kvm-block-Use-normal-drain-for-bdrv_set_aio_context.patch [bz#1716349]\n- kvm-block-Fix-AioContext-switch-for-bs-drv-NULL.patch [bz#1716347]\n- kvm-iothread-fix-crash-with-invalid-properties.patch [bz#1687541]\n- kvm-iothread-replace-init_done_cond-with-a-semaphore.patch [bz#1687541]\n- kvm-RHEL-disable-hostmem-memfd.patch [bz#1740797]\n- Resolves: bz#1687541\n (qemu aborted when start guest with a big iothreads)\n- Resolves: bz#1716347\n (Qemu Core dump when quit vm that's in status 'paused(io-error)' with data plane enabled)\n- Resolves: bz#1716349\n (qemu with iothreads enabled crashes on resume after enospc pause for disk extension)\n- Resolves: bz#1727033\n (vnc server should detect page-flips and avoid sending fullscreen updates then.)\n- Resolves: bz#1740797\n (Disable memfd in QEMU)\n[2.12.0-83.el8]\n- kvm-hw-block-pflash_cfi01-Add-missing-DeviceReset-handle.patch [bz#1707192]\n- kvm-block-file-posix-Unaligned-O_DIRECT-block-status.patch [bz#1678979]\n- kvm-iotests-Test-unaligned-raw-images-with-O_DIRECT.patch [bz#1678979]\n- kvm-nbd-client-Lower-min_block-for-block-status-unaligne.patch [bz#1678979]\n- kvm-nbd-client-Reject-inaccessible-tail-of-inconsistent-.patch [bz#1678979]\n- kvm-nbd-client-Support-qemu-img-convert-from-unaligned-s.patch [bz#1678979]\n- kvm-block-Add-bdrv_get_request_alignment.patch [bz#1678979]\n- kvm-nbd-server-Advertise-actual-minimum-block-size.patch [bz#1678979]\n- kvm-slirp-check-sscanf-result-when-emulating-ident.patch [bz#1727642]\n- kvm-slirp-fix-big-little-endian-conversion-in-ident-prot.patch [bz#1727642]\n- kvm-slirp-ensure-there-is-enough-space-in-mbuf-to-null-t.patch [bz#1727642]\n- kvm-slirp-don-t-manipulate-so_rcv-in-tcp_emu.patch [bz#1727642]\n- kvm-tap-set-vhostfd-passed-from-qemu-cli-to-non-blocking.patch [bz#1732642]\n- kvm-Fix-heap-overflow-in-ip_reass-on-big-packet-input.patch [bz#1734751]\n- Resolves: bz#1678979\n (qemu-img convert abort when converting image with unaligned size (qemu-img: block/io.c:2134: bdrv_co_block_status: Assertion ret == cpu->kvm_msr_buf->nmsrs' failed.)\n[2.12.0-71.el8]\n- kvm-s390-bios-Skip-bootmap-signature-entries.patch [bz#1683275]\n- Resolves: bz#1683275\n ([IBM 8.1 FEAT] KVM: Secure Linux Boot Toleration (qemu))\n[2.12.0-70.el8]\n- kvm-i386-Add-new-MSR-indices-for-IA32_PRED_CMD-and-IA32_.patch [bz#1561761]\n- kvm-i386-Add-CPUID-bit-and-feature-words-for-IA32_ARCH_C.patch [bz#1561761]\n- kvm-i386-Add-CPUID-bit-for-PCONFIG.patch [bz#1561761]\n- kvm-i386-Add-CPUID-bit-for-WBNOINVD.patch [bz#1561761]\n- kvm-i386-Add-new-CPU-model-Icelake-Server-Client.patch [bz#1561761]\n- kvm-Add-support-to-KVM_GET_MSR_FEATURE_INDEX_LIST-an.patch [bz#1561761]\n- kvm-x86-Data-structure-changes-to-support-MSR-based-feat.patch [bz#1561761]\n- kvm-x86-define-a-new-MSR-based-feature-word-FEATURE_WORD.patch [bz#1561761]\n- kvm-i386-remove-the-new-CPUID-PCONFIG-from-Icelake-Serve.patch [bz#1561761]\n- kvm-Revert-i386-Add-CPUID-bit-for-PCONFIG.patch [bz#1561761]\n- Resolves: bz#1561761\n ([Intel 8.1 Feat] qemu-kvm Introduce Icelake cpu model)\n[2.12.0-69.el8]\n- kvm-tests-crypto-Use-the-IEC-binary-prefix-definitions.patch [bz#1680231]\n- kvm-crypto-expand-algorithm-coverage-for-cipher-benchmar.patch [bz#1680231]\n- kvm-crypto-remove-code-duplication-in-tweak-encrypt-decr.patch [bz#1680231]\n- kvm-crypto-introduce-a-xts_uint128-data-type.patch [bz#1680231]\n- kvm-crypto-convert-xts_tweak_encdec-to-use-xts_uint128-t.patch [bz#1680231]\n- kvm-crypto-convert-xts_mult_x-to-use-xts_uint128-type.patch [bz#1680231]\n- kvm-crypto-annotate-xts_tweak_encdec-as-inlineable.patch [bz#1680231]\n- kvm-crypto-refactor-XTS-cipher-mode-test-suite.patch [bz#1680231]\n- kvm-crypto-add-testing-for-unaligned-buffers-with-XTS-ci.patch [bz#1680231]\n- Resolves: bz#1680231\n (severe performance impact using luks format)\n[2.12.0-68.el8]\n- kvm-s390x-ipl-Try-to-detect-Linux-vs-non-Linux-for-initi.patch [bz#1699070]\n- kvm-loader-Check-access-size-when-calling-rom_ptr-to-avo.patch [bz#1699070]\n- kvm-hw-s390x-Use-the-IEC-binary-prefix-definitions.patch [bz#1699070]\n- kvm-s390x-storage-attributes-fix-CMMA_BLOCK_SIZE-usage.patch [bz#1699070]\n- kvm-s390x-cpumodel-fix-segmentation-fault-when-baselinin.patch [bz#1699070]\n- kvm-hw-s390x-s390-pci-bus-Convert-sysbus-init-function-t.patch [bz#1699070]\n- kvm-s390x-pci-properly-fail-if-the-zPCI-device-cannot-be.patch [bz#1699070]\n- kvm-s390x-pci-rename-hotplug-handler-callbacks.patch [bz#1699070]\n- kvm-s390-avoid-potential-null-dereference-in-s390_pcihos.patch [bz#1699070]\n- kvm-s390x-pci-Send-correct-event-on-hotplug.patch [bz#1699070]\n- kvm-s390x-pci-Set-the-iommu-region-size-mpcifc-request.patch [bz#1699070]\n- kvm-s390x-pci-Always-delete-and-free-the-release_timer.patch [bz#1699070]\n- kvm-s390x-pci-Ignore-the-unplug-call-if-we-already-have-.patch [bz#1699070]\n- kvm-s390x-pci-Use-hotplug_dev-instead-of-looking-up-the-.patch [bz#1699070]\n- kvm-s390x-pci-Move-some-hotplug-checks-to-the-pre_plug-h.patch [bz#1699070]\n- kvm-s390x-pci-Introduce-unplug-requests-and-split-unplug.patch [bz#1699070]\n- kvm-s390x-pci-Drop-release-timer-and-replace-it-with-a-f.patch [bz#1699070]\n- kvm-s390x-pci-mark-zpci-devices-as-unmigratable.patch [bz#1699070]\n- kvm-s390x-pci-Fix-primary-bus-number-for-PCI-bridges.patch [bz#1699070]\n- kvm-s390x-pci-Fix-hotplugging-of-PCI-bridges.patch [bz#1699070]\n- kvm-s390x-pci-Warn-when-adding-PCI-devices-without-the-z.patch [bz#1699070]\n- kvm-s390x-pci-Unplug-remaining-requested-devices-on-pcih.patch [bz#1699070]\n- kvm-s390x-refactor-reset-reipl-handling.patch [bz#1699070]\n- kvm-s390-ipl-fix-ipl-with-no-reboot.patch [bz#1699070]\n- Resolves: bz#1699070\n (Backport s390x-related fixes for qemu-kvm)\n[2.12.0-67.el8]\n- kvm-device_tree-Fix-integer-overflowing-in-load_device_t.patch [bz#1693116]\n- Resolves: bz#1693116\n (CVE-2018-20815 qemu-kvm: QEMU: device_tree: heap buffer overflow while loading device tree blob [rhel-8.0])\n[2.12.0-66.el8]\n- kvm-iotests-153-Fix-dead-code.patch [bz#1694148]\n- kvm-file-posix-Include-filename-in-locking-error-message.patch [bz#1694148]\n- kvm-file-posix-Skip-effectiveless-OFD-lock-operations.patch [bz#1694148]\n- kvm-file-posix-Drop-s-lock_fd.patch [bz#1694148]\n- kvm-tests-Add-unit-tests-for-image-locking.patch [bz#1694148]\n- kvm-file-posix-Fix-shared-locks-on-reopen-commit.patch [bz#1694148]\n- kvm-iotests-Test-file-posix-locking-and-reopen.patch [bz#1694148]\n- kvm-block-file-posix-do-not-fail-on-unlock-bytes.patch [bz#1694148]\n- kvm-hostmem-file-remove-object-id-from-pmem-error-messag.patch [bz#1687596]\n- kvm-redhat-setting-target-release-to-rhel-8.1.0.patch []\n- kvm-redhat-removing-iotest-182.patch []\n- Resolves: bz#1687596\n ([Intel 8.1 BUG][KVM][Crystal Ridge]object_get_canonical_path_component: assertion failed: (obj->parent != NULL))\n- Resolves: bz#1694148\n (QEMU image locking needn't double open fd number, and it should not fail when attempting to release locks)\n[2.12.0-65.el8]\n- kvm-s390x-cpumodel-mepochptff-warn-when-no-mepoch-and-re.patch [bz#1664371]\n- kvm-s390x-cpumodel-add-z14-GA2-model.patch [bz#1664371]\n- kvm-redhat-s390x-cpumodel-enable-mepoch-by-default-for-z.patch [bz#1664371]\n- kvm-intel_iommu-fix-operator-in-vtd_switch_address_space.patch [bz#1662272]\n- kvm-intel_iommu-reset-intr_enabled-when-system-reset.patch [bz#1662272]\n- kvm-pci-msi-export-msi_is_masked.patch [bz#1662272]\n- kvm-i386-kvm-ignore-masked-irqs-when-update-msi-routes.patch [bz#1662272]\n- Resolves: bz#1662272\n (Boot guest with device assignment+vIOMMU, qemu prompts 'vtd_interrupt_remap_msi: MSI address low 32 bit invalid: 0x0' when first rebooting guest)\n- Resolves: bz#1664371\n ([IBM 8.1 FEAT] Update hardware CPU Model z14 (kvm) - qemu part)\n[2.12.0-64.el8]\n- kvm-doc-fix-the-configuration-path.patch [bz#1645411]\n- kvm-Increase-number-of-iotests-being-run-as-a-part-of-RH.patch [bz#1664463]\n- kvm-Load-kvm-module-during-boot.patch [bz#1676907 bz#1685995]\n- kvm-qemu-kvm.spec.template-Update-pyton-path-to-system-i.patch []\n- Resolves: bz#1645411\n (the 'fsfreeze-hook' script path shown by command 'qemu-ga --help' or 'man qemu-ga' is wrong)\n- Resolves: bz#1664463\n (Modify iotest behavior to include luks and nbd and fail build if iotests fail)\n- Resolves: bz#1676907\n (/dev/kvm device exists but kernel module is not loaded on boot up causing VM start to fail in libvirt)\n- Resolves: bz#1685995\n (/dev/kvm device exists but kernel module is not loaded on boot up causing VM start to fail in libvirt)\n[2.12.0-63.el8]\n- kvm-scsi-generic-avoid-possible-out-of-bounds-access-to-.patch [bz#1668162]\n- Resolves: bz#1668162\n (CVE-2019-6501 qemu-kvm: QEMU: scsi-generic: possible OOB access while handling inquiry request [rhel-8])\n[2.12.0-62.el8]\n- kvm-slirp-check-data-length-while-emulating-ident-functi.patch [bz#1669069]\n- Resolves: bz#1669069\n (CVE-2019-6778 qemu-kvm: QEMU: slirp: heap buffer overflow in tcp_emu() [rhel-8.0])\n[2.12.0-61.el8]\n- kvm-qemu-ga-make-get-fsinfo-work-over-pci-bridges.patch [bz#1666952]\n- kvm-qga-fix-driver-leak-in-guest-get-fsinfo.patch [bz#1666952]\n- Resolves: bz#1666952\n (qemu-guest-agent does not parse PCI bridge links in 'build_guest_fsinfo_for_real_device' (q35))\n[2.12.0-60.el8]\n- kvm-ne2000-fix-possible-out-of-bound-access-in-ne2000_re.patch [bz#1636784]\n- kvm-rtl8139-fix-possible-out-of-bound-access.patch [bz#1636784]\n- kvm-pcnet-fix-possible-buffer-overflow.patch [bz#1636784]\n- kvm-net-ignore-packet-size-greater-than-INT_MAX.patch [bz#1636784]\n- kvm-net-drop-too-large-packet-early.patch [bz#1636784]\n- kvm-net-hub-suppress-warnings-of-no-host-network-for-qte.patch [bz#1636784]\n- kvm-virtio-net-test-accept-variable-length-argument-in-p.patch [bz#1636784]\n- kvm-virtio-net-test-remove-unused-macro.patch [bz#1636784]\n- kvm-virtio-net-test-add-large-tx-buffer-test.patch [bz#1636784]\n- kvm-s390x-Return-specification-exception-for-unimplement.patch [bz#1668261]\n- kvm-cpus-ignore-ESRCH-in-qemu_cpu_kick_thread.patch [bz#1665844]\n- Resolves: bz#1636784\n (CVE-2018-17963 qemu-kvm: Qemu: net: ignore packets with large size [rhel-8])\n- Resolves: bz#1665844\n (Guest quit with error when hotunplug cpu)\n- Resolves: bz#1668261\n ([RHEL8] Backport diag308 stable exception fix (qemu-kvm))\n[2.12.0-59.el8]\n- kvm-hw-scsi-cleanups-before-VPD-BL-emulation.patch [bz#1639957]\n- kvm-hw-scsi-centralize-SG_IO-calls-into-single-function.patch [bz#1639957]\n- kvm-hw-scsi-add-VPD-Block-Limits-emulation.patch [bz#1639957]\n- kvm-scsi-disk-Block-Device-Characteristics-emulation-fix.patch [bz#1639957]\n- kvm-scsi-generic-keep-VPD-page-list-sorted.patch [bz#1639957]\n- kvm-scsi-generic-avoid-out-of-bounds-access-to-VPD-page-.patch [bz#1639957]\n- kvm-scsi-generic-avoid-invalid-access-to-struct-when-emu.patch [bz#1639957]\n- kvm-scsi-generic-do-not-do-VPD-emulation-for-sense-other.patch [bz#1639957]\n- Resolves: bz#1639957\n ([RHEL.8] scsi host device passthrough limits IO writes - slow train)\n[2.12.0-58.el8]\n- kvm-block-Update-flags-in-bdrv_set_read_only.patch [bz#1644996]\n- kvm-block-Add-auto-read-only-option.patch [bz#1644996]\n- kvm-rbd-Close-image-in-qemu_rbd_open-error-path.patch [bz#1644996]\n- kvm-block-Require-auto-read-only-for-existing-fallbacks.patch [bz#1644996]\n- kvm-nbd-Support-auto-read-only-option.patch [bz#1644996]\n- kvm-file-posix-Support-auto-read-only-option.patch [bz#1644996]\n- kvm-curl-Support-auto-read-only-option.patch [bz#1644996]\n- kvm-gluster-Support-auto-read-only-option.patch [bz#1644996]\n- kvm-iscsi-Support-auto-read-only-option.patch [bz#1644996]\n- kvm-block-Make-auto-read-only-on-default-for-drive.patch [bz#1644996]\n- kvm-qemu-iotests-Test-auto-read-only-with-drive-and-bloc.patch [bz#1644996]\n- kvm-block-Fix-update-of-BDRV_O_AUTO_RDONLY-in-update_fla.patch [bz#1644996]\n- kvm-qemu-img-Add-C-option-for-convert-with-copy-offloadi.patch [bz#1623082]\n- kvm-iotests-Add-test-for-qemu-img-convert-C-compatibilit.patch [bz#1623082]\n- Resolves: bz#1623082\n ([rhel.8.0]Target files for 'qemu-img convert' do not support thin_provisoning with iscsi/nfs backend)\n- Resolves: bz#1644996\n (block-commit can't be used with -blockdev)\n[2.12.0-57.el8]\n- kvm-qemu-kvm.spec.template-Update-files-for-tests-rpm-to.patch [bz#1601107]\n[2.12.0-56.el8]\n- kvm-Run-iotests-as-part-of-the-build-process.patch [bz#1661026]\n- kvm-Introduce-the-qemu-kvm-tests-rpm.patch [bz#1601107]\n- Resolves: bz#1601107\n (qemu-kvm packaging: make running qemu-iotests more robust)\n- Resolves: bz#1661026\n (Run iotests as part of build process)\n[2.12.0-55.el8]\n- kvm-block-Don-t-inactivate-children-before-parents.patch [bz#1659395]\n- kvm-iotests-Test-migration-with-blockdev.patch [bz#1659395]\n- Resolves: bz#1659395\n (src qemu core dump when do migration ( block device node-name changed after change cdrom) - Slow Train)\n[2.12.0-54.el8]\n- kvm-s390x-tcg-avoid-overflows-in-time2tod-tod2time.patch [bz#1653569]\n- kvm-s390x-kvm-pass-values-instead-of-pointers-to-kvm_s39.patch [bz#1653569]\n- kvm-s390x-tod-factor-out-TOD-into-separate-device.patch [bz#1653569]\n- kvm-s390x-tcg-drop-tod_basetime.patch [bz#1653569]\n- kvm-s390x-tcg-properly-implement-the-TOD.patch [bz#1653569]\n- kvm-s390x-tcg-SET-CLOCK-COMPARATOR-can-clear-CKC-interru.patch [bz#1653569]\n- kvm-s390x-tcg-implement-SET-CLOCK.patch [bz#1653569]\n- kvm-s390x-tcg-rearm-the-CKC-timer-during-migration.patch [bz#1653569]\n- kvm-s390x-tcg-fix-locking-problem-with-tcg_s390_tod_upda.patch [bz#1653569]\n- kvm-hw-s390x-Include-the-tod-qemu-also-for-builds-with-d.patch [bz#1653569]\n- kvm-s390x-tod-Properly-stop-the-KVM-TOD-while-the-guest-.patch [bz#1653569]\n- kvm-hw-s390x-Fix-bad-mask-in-time2tod.patch [bz#1653569]\n- kvm-migration-discard-non-migratable-RAMBlocks.patch [bz#1539285]\n- kvm-vfio-pci-do-not-set-the-PCIDevice-has_rom-attribute.patch [bz#1539285]\n- kvm-memory-exec-Expose-all-memory-block-related-flags.patch [bz#1539285]\n- kvm-memory-exec-switch-file-ram-allocation-functions-to-.patch [bz#1539285]\n- kvm-configure-add-libpmem-support.patch [bz#1539285]\n- kvm-hostmem-file-add-the-pmem-option.patch [bz#1539285]\n- kvm-mem-nvdimm-ensure-write-persistence-to-PMEM-in-label.patch [bz#1539285]\n- kvm-migration-ram-Add-check-and-info-message-to-nvdimm-p.patch [bz#1539285]\n- kvm-migration-ram-ensure-write-persistence-on-loading-al.patch [bz#1539285]\n- Resolves: bz#1539285\n ([Intel 8.0 Bug] [KVM][Crystal Ridge] Lack of data persistence guarantee of QEMU writes to host PMEM)\n- Resolves: bz#1653569\n (Stress guest and stop it, then do live migration, guest hit call trace on destination end)\n[2.12.0-53.el8]\n- kvm-ui-add-qapi-parser-for-display.patch [bz#1652871]\n- kvm-ui-switch-trivial-displays-to-qapi-parser.patch [bz#1652871]\n- kvm-qapi-Add-rendernode-display-option-for-egl-headless.patch [bz#1652871]\n- kvm-ui-Allow-specifying-rendernode-display-option-for-eg.patch [bz#1652871]\n- kvm-qapi-add-query-display-options-command.patch [bz#1652871]\n- Resolves: bz#1652871\n (QEMU doesn't expose rendernode option for egl-headless display type)\n[2.12.0-52.el8]\n- kvm-Add-edk2-Requires-to-qemu-kvm.patch [bz#1654276]\n- Resolves: bz#1654276\n (qemu-kvm: Should depend on the architecture-appropriate guest firmware)\n[2.12.0-51.el8]\n- kvm-x86-host-phys-bits-limit-option.patch [bz#1598284]\n- kvm-rhel-Set-host-phys-bits-limit-48-on-rhel-machine-typ.patch [bz#1598284]\n- kvm-i386-do-not-migrate-MSR_SMI_COUNT-on-machine-types-2.patch [bz#1659565]\n- kvm-pc-x-migrate-smi-count-to-PC_RHEL_COMPAT.patch [bz#1659565]\n- kvm-slow-train-kvm-clear-out-KVM_ASYNC_PF_DELIVERY_AS_PF.patch [bz#1656829]\n- Resolves: bz#1598284\n ([Intel 8.0 Alpha] physical bits should < 48 when host with 5level paging &EPT5 and qemu command with '-cpu qemu64' parameters.)\n- Resolves: bz#1656829\n (8->7 migration failed: qemu-kvm: error: failed to set MSR 0x4b564d02 to 0x27fc13285)\n- Resolves: bz#1659565\n (machine type: required compat flag x-migrate-smi-count=off)\n[2.12.0-51]\n- kvm-Add-edk2-Requires-to-qemu-kvm.patch [bz#1654276]\n- Resolves: bz#1654276\n (qemu-kvm: Should depend on the architecture-appropriate guest firmware)\n[-]\n- kvm-redhat-enable-tpmdev-passthrough.patch [bz#1654486]\n- Resolves: bz#1654486\n ([RFE] enable TPM passthrough at compile time (qemu-kvm))\n[qemu-kvm-2.12.0-48]\n- kvm-redhat-use-autopatch-instead-of-PATCHAPPLY.patch [bz#1613128]\n- kvm-redhat-Removing-some-unused-build-flags-in-the-spec-.patch [bz#1613128]\n- kvm-redhat-Fixing-rhev-ma-conflicts.patch [bz#1613126]\n- kvm-redhat-Remove-_smp_mflags-cleanup-workaround-for-s39.patch [bz#1613128]\n- kvm-redhat-Removing-dead-code-from-the-spec-file.patch [bz#1613128]\n- kvm-i386-Add-stibp-flag-name.patch [bz#1639446]\n- kvm-Add-functional-acceptance-tests-infrastructure.patch [bz#1655807]\n- kvm-scripts-qemu.py-allow-adding-to-the-list-of-extra-ar.patch [bz#1655807]\n- kvm-Acceptance-tests-add-quick-VNC-tests.patch [bz#1655807]\n- kvm-scripts-qemu.py-introduce-set_console-method.patch [bz#1655807]\n- kvm-Acceptance-tests-add-Linux-kernel-boot-and-console-c.patch [bz#1655807]\n- kvm-Bootstrap-Python-venv-for-tests.patch [bz#1655807]\n- kvm-Acceptance-tests-add-make-rule-for-running-them.patch [bz#1655807]\n- Resolves: bz#1613126\n (Check and fix qemu-kvm-rhev and qemu-kvm-ma conflicts in qemu-kvm for rhel-8)\n- Resolves: bz#1613128\n (Spec file clean up)\n- Resolves: bz#1639446\n (Cross migration from RHEL7.5 to RHEL8 shouldn't fail with cpu flag stibp [qemu-kvm])\n- Resolves: bz#1655807\n (Backport avocado-qemu tests for QEMU 2.12)\n[qemu-kvm-2.12.0-47]\n- kvm-Disable-CONFIG_IPMI-and-CONFIG_I2C-for-ppc64.patch [bz#1640044]\n- kvm-Disable-CONFIG_CAN_BUS-and-CONFIG_CAN_SJA1000.patch [bz#1640042]\n- Resolves: bz#1640042\n (Disable CONFIG_CAN_BUS and CONFIG_CAN_SJA1000 config switches)\n- Resolves: bz#1640044\n (Disable CONFIG_I2C and CONFIG_IPMI in default-configs/ppc64-softmmu.mak)\n[qemu-kvm-2.12.0-46]\n- kvm-qcow2-Give-the-refcount-cache-the-minimum-possible-s.patch [bz#1656507]\n- kvm-docs-Document-the-new-default-sizes-of-the-qcow2-cac.patch [bz#1656507]\n- kvm-qcow2-Fix-Coverity-warning-when-calculating-the-refc.patch [bz#1656507]\n- kvm-include-Add-IEC-binary-prefixes-in-qemu-units.h.patch [bz#1656507]\n- kvm-qcow2-Options-documentation-fixes.patch [bz#1656507]\n- kvm-include-Add-a-lookup-table-of-sizes.patch [bz#1656507]\n- kvm-qcow2-Make-sizes-more-humanly-readable.patch [bz#1656507]\n- kvm-qcow2-Avoid-duplication-in-setting-the-refcount-cach.patch [bz#1656507]\n- kvm-qcow2-Assign-the-L2-cache-relatively-to-the-image-si.patch [bz#1656507]\n- kvm-qcow2-Increase-the-default-upper-limit-on-the-L2-cac.patch [bz#1656507]\n- kvm-qcow2-Resize-the-cache-upon-image-resizing.patch [bz#1656507]\n- kvm-qcow2-Set-the-default-cache-clean-interval-to-10-min.patch [bz#1656507]\n- kvm-qcow2-Explicit-number-replaced-by-a-constant.patch [bz#1656507]\n- kvm-block-backend-Set-werror-rerror-defaults-in-blk_new.patch [bz#1657637]\n- kvm-qcow2-Fix-cache-clean-interval-documentation.patch [bz#1656507]\n- Resolves: bz#1656507\n ([RHEL.8] qcow2 cache is too small)\n- Resolves: bz#1657637\n (Wrong werror default for -device drive=\n)\n[qemu-kvm-2.12.0-45]\n- kvm-target-ppc-add-basic-support-for-PTCR-on-POWER9.patch [bz#1639069]\n- kvm-linux-headers-Update-for-nested-KVM-HV-downstream-on.patch [bz#1639069]\n- kvm-target-ppc-Add-one-reg-id-for-ptcr.patch [bz#1639069]\n- kvm-ppc-spapr_caps-Add-SPAPR_CAP_NESTED_KVM_HV.patch [bz#1639069]\n- kvm-Re-enable-CONFIG_HYPERV_TESTDEV.patch [bz#1651195]\n- kvm-qxl-use-guest_monitor_config-for-local-renderer.patch [bz#1610163]\n- kvm-Declare-cirrus-vga-as-deprecated.patch [bz#1651994]\n- kvm-Do-not-build-bluetooth-support.patch [bz#1654651]\n- kvm-vfio-helpers-Fix-qemu_vfio_open_pci-crash.patch [bz#1645840]\n- kvm-balloon-Allow-multiple-inhibit-users.patch [bz#1650272]\n- kvm-Use-inhibit-to-prevent-ballooning-without-synchr.patch [bz#1650272]\n- kvm-vfio-Inhibit-ballooning-based-on-group-attachment-to.patch [bz#1650272]\n- kvm-vfio-ccw-pci-Allow-devices-to-opt-in-for-ballooning.patch [bz#1650272]\n- kvm-vfio-pci-Handle-subsystem-realpath-returning-NULL.patch [bz#1650272]\n- kvm-vfio-pci-Fix-failure-to-close-file-descriptor-on-err.patch [bz#1650272]\n- kvm-postcopy-Synchronize-usage-of-the-balloon-inhibitor.patch [bz#1650272]\n- Resolves: bz#1610163\n (guest shows border blurred screen with some resolutions when qemu boot with -device qxl-vga ,and guest on rhel7.6 has no such question)\n- Resolves: bz#1639069\n ([IBM 8.0 FEAT] POWER9 - Nested virtualization in RHEL8.0 KVM for ppc64le - qemu-kvm side)\n- Resolves: bz#1645840\n (Qemu core dump when hotplug nvme:// drive via -blockdev)\n- Resolves: bz#1650272\n (Ballooning is incompatible with vfio assigned devices, but not prevented)\n- Resolves: bz#1651195\n (Re-enable hyperv-testdev device)\n- Resolves: bz#1651994\n (Declare the 'Cirrus VGA' device emulation of QEMU as deprecated in RHEL8)\n- Resolves: bz#1654651\n (Qemu: hw: bt: keep bt/* objects from building [rhel-8.0])\n[qemu-kvm-2.12.0-44]\n- kvm-block-Make-more-block-drivers-compile-time-configura.patch [bz#1598842 bz#1598842]\n- kvm-RHEL8-Add-disable-configure-options-to-qemu-spec-fil.patch [bz#1598842]\n- Resolves: bz#1598842\n (Compile out unused block drivers)\n[qemu-kvm-2.12.0-43]\n- kvm-configure-add-test-for-libudev.patch [bz#1636185]\n- kvm-qga-linux-report-disk-serial-number.patch [bz#1636185]\n- kvm-qga-linux-return-disk-device-in-guest-get-fsinfo.patch [bz#1636185]\n- kvm-qemu-error-introduce-error-warn-_report_once.patch [bz#1625173]\n- kvm-intel-iommu-start-to-use-error_report_once.patch [bz#1625173]\n- kvm-intel-iommu-replace-more-vtd_err_-traces.patch [bz#1625173]\n- kvm-intel_iommu-introduce-vtd_reset_caches.patch [bz#1625173]\n- kvm-intel_iommu-better-handling-of-dmar-state-switch.patch [bz#1625173]\n- kvm-intel_iommu-move-ce-fetching-out-when-sync-shadow.patch [bz#1625173 bz#1629616]\n- kvm-intel_iommu-handle-invalid-ce-for-shadow-sync.patch [bz#1625173 bz#1629616]\n- kvm-block-remove-bdrv_dirty_bitmap_make_anon.patch [bz#1518989]\n- kvm-block-simplify-code-around-releasing-bitmaps.patch [bz#1518989]\n- kvm-hbitmap-Add-advance-param-to-hbitmap_iter_next.patch [bz#1518989]\n- kvm-test-hbitmap-Add-non-advancing-iter_next-tests.patch [bz#1518989]\n- kvm-block-dirty-bitmap-Add-bdrv_dirty_iter_next_area.patch [bz#1518989]\n- kvm-blockdev-backup-add-bitmap-argument.patch [bz#1518989]\n- kvm-dirty-bitmap-switch-assert-fails-to-errors-in-bdrv_m.patch [bz#1518989]\n- kvm-dirty-bitmap-rename-bdrv_undo_clear_dirty_bitmap.patch [bz#1518989]\n- kvm-dirty-bitmap-make-it-possible-to-restore-bitmap-afte.patch [bz#1518989]\n- kvm-blockdev-rename-block-dirty-bitmap-clear-transaction.patch [bz#1518989]\n- kvm-qapi-add-transaction-support-for-x-block-dirty-bitma.patch [bz#1518989]\n- kvm-block-dirty-bitmaps-add-user_locked-status-checker.patch [bz#1518989]\n- kvm-block-dirty-bitmaps-fix-merge-permissions.patch [bz#1518989]\n- kvm-block-dirty-bitmaps-allow-clear-on-disabled-bitmaps.patch [bz#1518989]\n- kvm-block-dirty-bitmaps-prohibit-enable-disable-on-locke.patch [bz#1518989]\n- kvm-block-backup-prohibit-backup-from-using-in-use-bitma.patch [bz#1518989]\n- kvm-nbd-forbid-use-of-frozen-bitmaps.patch [bz#1518989]\n- kvm-bitmap-Update-count-after-a-merge.patch [bz#1518989]\n- kvm-iotests-169-drop-deprecated-autoload-parameter.patch [bz#1518989]\n- kvm-block-qcow2-improve-error-message-in-qcow2_inactivat.patch [bz#1518989]\n- kvm-bloc-qcow2-drop-dirty_bitmaps_loaded-state-variable.patch [bz#1518989]\n- kvm-dirty-bitmaps-clean-up-bitmaps-loading-and-migration.patch [bz#1518989]\n- kvm-iotests-improve-169.patch [bz#1518989]\n- kvm-iotests-169-add-cases-for-source-vm-resuming.patch [bz#1518989]\n- kvm-pc-dimm-turn-alignment-assert-into-check.patch [bz#1630116]\n- Resolves: bz#1518989\n (RFE: QEMU Incremental live backup)\n- Resolves: bz#1625173\n ([NVMe Device Assignment] Guest could not boot up with q35+iommu)\n- Resolves: bz#1629616\n (boot guest with q35+vIOMMU+ device assignment, qemu terminal shows 'qemu-kvm: VFIO_UNMAP_DMA: -22' when return assigned network devices from vfio driver to ixgbe in guest)\n- Resolves: bz#1630116\n (pc_dimm_get_free_addr: assertion failed: (QEMU_ALIGN_UP(address_space_start, align) == address_space_start))\n- Resolves: bz#1636185\n ([RFE] Report disk device name and serial number (qemu-guest-agent on Linux))\n[2.12.0-42.el8]\n- kvm-luks-Allow-share-rw-on.patch [bz#1629701]\n- kvm-redhat-reenable-gluster-support.patch [bz#1599340]\n- kvm-redhat-bump-libusb-requirement.patch [bz#1627970]\n- Resolves: bz#1599340\n (Reenable glusterfs in qemu-kvm once BZ#1567292 gets fixed)\n- Resolves: bz#1627970\n (symbol lookup error: /usr/libexec/qemu-kvm: undefined symbol: libusb_set_option)\n- Resolves: bz#1629701\n ('share-rw=on' does not work for luks format image - Fast Train)\n[2.12.0-41.el8]\n- kvm-block-rbd-pull-out-qemu_rbd_convert_options.patch [bz#1635585]\n- kvm-block-rbd-Attempt-to-parse-legacy-filenames.patch [bz#1635585]\n- kvm-block-rbd-add-deprecation-documentation-for-filename.patch [bz#1635585]\n- kvm-block-rbd-add-iotest-for-rbd-legacy-keyvalue-filenam.patch [bz#1635585]\n- Resolves: bz#1635585\n (rbd json format of 7.6 is incompatible with 7.5)\n[2.12.0-40.el8]\n- kvm-vnc-call-sasl_server_init-only-when-required.patch [bz#1609327]\n- kvm-nbd-server-fix-NBD_CMD_CACHE.patch [bz#1636142]\n- kvm-nbd-fix-NBD_FLAG_SEND_CACHE-value.patch [bz#1636142]\n- kvm-test-bdrv-drain-bdrv_drain-works-with-cross-AioConte.patch [bz#1637976]\n- kvm-block-Use-bdrv_do_drain_begin-end-in-bdrv_drain_all.patch [bz#1637976]\n- kvm-block-Remove-recursive-parameter-from-bdrv_drain_inv.patch [bz#1637976]\n- kvm-block-Don-t-manually-poll-in-bdrv_drain_all.patch [bz#1637976]\n- kvm-tests-test-bdrv-drain-bdrv_drain_all-works-in-corout.patch [bz#1637976]\n- kvm-block-Avoid-unnecessary-aio_poll-in-AIO_WAIT_WHILE.patch [bz#1637976]\n- kvm-block-Really-pause-block-jobs-on-drain.patch [bz#1637976]\n- kvm-block-Remove-bdrv_drain_recurse.patch [bz#1637976]\n- kvm-test-bdrv-drain-Add-test-for-node-deletion.patch [bz#1637976]\n- kvm-block-Drain-recursively-with-a-single-BDRV_POLL_WHIL.patch [bz#1637976]\n- kvm-test-bdrv-drain-Test-node-deletion-in-subtree-recurs.patch [bz#1637976]\n- kvm-block-Don-t-poll-in-parent-drain-callbacks.patch [bz#1637976]\n- kvm-test-bdrv-drain-Graph-change-through-parent-callback.patch [bz#1637976]\n- kvm-block-Defer-.bdrv_drain_begin-callback-to-polling-ph.patch [bz#1637976]\n- kvm-test-bdrv-drain-Test-that-bdrv_drain_invoke-doesn-t-.patch [bz#1637976]\n- kvm-block-Allow-AIO_WAIT_WHILE-with-NULL-ctx.patch [bz#1637976]\n- kvm-block-Move-bdrv_drain_all_begin-out-of-coroutine-con.patch [bz#1637976]\n- kvm-block-ignore_bds_parents-parameter-for-drain-functio.patch [bz#1637976]\n- kvm-block-Allow-graph-changes-in-bdrv_drain_all_begin-en.patch [bz#1637976]\n- kvm-test-bdrv-drain-Test-graph-changes-in-drain_all-sect.patch [bz#1637976]\n- kvm-block-Poll-after-drain-on-attaching-a-node.patch [bz#1637976]\n- kvm-test-bdrv-drain-Test-bdrv_append-to-drained-node.patch [bz#1637976]\n- kvm-block-linux-aio-acquire-AioContext-before-qemu_laio_.patch [bz#1637976]\n- kvm-util-async-use-qemu_aio_coroutine_enter-in-co_schedu.patch [bz#1637976]\n- kvm-job-Fix-nested-aio_poll-hanging-in-job_txn_apply.patch [bz#1637976]\n- kvm-job-Fix-missing-locking-due-to-mismerge.patch [bz#1637976]\n- kvm-blockjob-Wake-up-BDS-when-job-becomes-idle.patch [bz#1637976]\n- kvm-aio-wait-Increase-num_waiters-even-in-home-thread.patch [bz#1637976]\n- kvm-test-bdrv-drain-Drain-with-block-jobs-in-an-I-O-thre.patch [bz#1637976]\n- kvm-test-blockjob-Acquire-AioContext-around-job_cancel_s.patch [bz#1637976]\n- kvm-job-Use-AIO_WAIT_WHILE-in-job_finish_sync.patch [bz#1637976]\n- kvm-test-bdrv-drain-Test-AIO_WAIT_WHILE-in-completion-ca.patch [bz#1637976]\n- kvm-block-Add-missing-locking-in-bdrv_co_drain_bh_cb.patch [bz#1637976]\n- kvm-block-backend-Add-.drained_poll-callback.patch [bz#1637976]\n- kvm-block-backend-Fix-potential-double-blk_delete.patch [bz#1637976]\n- kvm-block-backend-Decrease-in_flight-only-after-callback.patch [bz#1637976]\n- kvm-blockjob-Lie-better-in-child_job_drained_poll.patch [bz#1637976]\n- kvm-block-Remove-aio_poll-in-bdrv_drain_poll-variants.patch [bz#1637976]\n- kvm-test-bdrv-drain-Test-nested-poll-in-bdrv_drain_poll_.patch [bz#1637976]\n- kvm-job-Avoid-deadlocks-in-job_completed_txn_abort.patch [bz#1637976]\n- kvm-test-bdrv-drain-AIO_WAIT_WHILE-in-job-.commit-.abort.patch [bz#1637976]\n- kvm-test-bdrv-drain-Fix-outdated-comments.patch [bz#1637976]\n- kvm-block-Use-a-single-global-AioWait.patch [bz#1637976]\n- kvm-test-bdrv-drain-Test-draining-job-source-child-and-p.patch [bz#1637976]\n- kvm-qemu-img-Fix-assert-when-mapping-unaligned-raw-file.patch [bz#1639374]\n- kvm-iotests-Add-test-221-to-catch-qemu-img-map-regressio.patch [bz#1639374]\n- Resolves: bz#1609327\n (qemu-kvm[37046]: Could not find keytab file: /etc/qemu/krb5.tab: Unknown error 49408)\n- Resolves: bz#1636142\n (qemu NBD_CMD_CACHE flaws impacting non-qemu NBD clients)\n- Resolves: bz#1637976\n (Crashes and hangs with iothreads vs. block jobs)\n- Resolves: bz#1639374\n (qemu-img map 'Aborted (core dumped)' when specifying a plain file)\n[2.12.0-39.el8]\n- kvm-linux-headers-update.patch [bz#1508142]\n- kvm-s390x-cpumodel-Set-up-CPU-model-for-AP-device-suppor.patch [bz#1508142]\n- kvm-s390x-kvm-enable-AP-instruction-interpretation-for-g.patch [bz#1508142]\n- kvm-s390x-ap-base-Adjunct-Processor-AP-object-model.patch [bz#1508142]\n- kvm-s390x-vfio-ap-Introduce-VFIO-AP-device.patch [bz#1508142]\n- kvm-s390-doc-detailed-specifications-for-AP-virtualizati.patch [bz#1508142]\n- Resolves: bz#1508142\n ([IBM 8.0 FEAT] KVM: Guest-dedicated Crypto Adapters - qemu part)\n[2.12.0-38.el8]\n- kvm-Revert-hw-acpi-build-build-SRAT-memory-affinity-stru.patch [bz#1609235]\n- kvm-add-udev-kvm-check.patch [bz#1552663]\n- kvm-aio-posix-Don-t-count-ctx-notifier-as-progress-when-.patch [bz#1623085]\n- kvm-aio-Do-aio_notify_accept-only-during-blocking-aio_po.patch [bz#1623085]\n- kvm-aio-posix-fix-concurrent-access-to-poll_disable_cnt.patch [bz#1632622]\n- kvm-aio-posix-compute-timeout-before-polling.patch [bz#1632622]\n- kvm-aio-posix-do-skip-system-call-if-ctx-notifier-pollin.patch [bz#1632622]\n- kvm-intel-iommu-send-PSI-always-even-if-across-PDEs.patch [bz#1450712]\n- kvm-intel-iommu-remove-IntelIOMMUNotifierNode.patch [bz#1450712]\n- kvm-intel-iommu-add-iommu-lock.patch [bz#1450712]\n- kvm-intel-iommu-only-do-page-walk-for-MAP-notifiers.patch [bz#1450712]\n- kvm-intel-iommu-introduce-vtd_page_walk_info.patch [bz#1450712]\n- kvm-intel-iommu-pass-in-address-space-when-page-walk.patch [bz#1450712]\n- kvm-intel-iommu-trace-domain-id-during-page-walk.patch [bz#1450712]\n- kvm-util-implement-simple-iova-tree.patch [bz#1450712]\n- kvm-intel-iommu-rework-the-page-walk-logic.patch [bz#1450712]\n- kvm-i386-define-the-ssbd-CPUID-feature-bit-CVE-2018-3639.patch [bz#1633928]\n- Resolves: bz#1450712\n (Booting nested guest with vIOMMU, the assigned network devices can not receive packets (qemu))\n- Resolves: bz#1552663\n (81-kvm-rhel.rules is no longer part of initscripts)\n- Resolves: bz#1609235\n (Win2016 guest can't recognize pc-dimm hotplugged to node 0)\n- Resolves: bz#1623085\n (VM doesn't boot from HD)\n- Resolves: bz#1632622\n (~40% virtio_blk disk performance drop for win2012r2 guest when comparing qemu-kvm-rhev-2.12.0-9 with qemu-kvm-rhev-2.12.0-12)\n- Resolves: bz#1633928\n (CVE-2018-3639 qemu-kvm: hw: cpu: speculative store bypass [rhel-8.0])\n[2.12.0-37.el8]\n- kvm-block-for-jobs-do-not-clear-user_paused-until-after-.patch [bz#1635583]\n- kvm-iotests-Add-failure-matching-to-common.qemu.patch [bz#1635583]\n- kvm-block-iotest-to-catch-abort-on-forced-blockjob-cance.patch [bz#1635583]\n- Resolves: bz#1635583\n (Quitting VM causes qemu core dump once the block mirror job paused for no enough target space)\n[2.12.0-36.el8]\n- kvm-check-Only-test-ivshm-when-it-is-compiled-in.patch [bz#1621817]\n- kvm-Disable-ivshmem.patch [bz#1621817]\n- kvm-mirror-Fail-gracefully-for-source-target.patch [bz#1637963]\n- kvm-commit-Add-top-node-base-node-options.patch [bz#1637970]\n- kvm-qemu-iotests-Test-commit-with-top-node-base-node.patch [bz#1637970]\n- Resolves: bz#1621817\n (Disable IVSHMEM in RHEL 8)\n- Resolves: bz#1637963\n (Segfault on 'blockdev-mirror' with same node as source and target)\n- Resolves: bz#1637970\n (allow using node-names with block-commit)\n[2.12.0-35.el8]\n- kvm-redhat-make-the-plugins-executable.patch [bz#1638304]\n- Resolves: bz#1638304\n (the driver packages lack all the library Requires)\n[2.12.0-34.el8]\n- kvm-seccomp-allow-sched_setscheduler-with-SCHED_IDLE-pol.patch [bz#1618356]\n- kvm-seccomp-use-SIGSYS-signal-instead-of-killing-the-thr.patch [bz#1618356]\n- kvm-seccomp-prefer-SCMP_ACT_KILL_PROCESS-if-available.patch [bz#1618356]\n- kvm-configure-require-libseccomp-2.2.0.patch [bz#1618356]\n- kvm-seccomp-set-the-seccomp-filter-to-all-threads.patch [bz#1618356]\n- kvm-memory-cleanup-side-effects-of-memory_region_init_fo.patch [bz#1600365]\n- Resolves: bz#1600365\n (QEMU core dumped when hotplug memory exceeding host hugepages and with discard-data=yes)\n- Resolves: bz#1618356\n (qemu-kvm: Qemu: seccomp: blacklist is not applied to all threads [rhel-8])\n[2.12.0-33.el8]\n- kvm-migration-postcopy-Clear-have_listen_thread.patch [bz#1608765]\n- kvm-migration-cleanup-in-error-paths-in-loadvm.patch [bz#1608765]\n- kvm-jobs-change-start-callback-to-run-callback.patch [bz#1632939]\n- kvm-jobs-canonize-Error-object.patch [bz#1632939]\n- kvm-jobs-add-exit-shim.patch [bz#1632939]\n- kvm-block-commit-utilize-job_exit-shim.patch [bz#1632939]\n- kvm-block-mirror-utilize-job_exit-shim.patch [bz#1632939]\n- kvm-jobs-utilize-job_exit-shim.patch [bz#1632939]\n- kvm-block-backup-make-function-variables-consistently-na.patch [bz#1632939]\n- kvm-jobs-remove-ret-argument-to-job_completed-privatize-.patch [bz#1632939]\n- kvm-jobs-remove-job_defer_to_main_loop.patch [bz#1632939]\n- kvm-block-commit-add-block-job-creation-flags.patch [bz#1632939]\n- kvm-block-mirror-add-block-job-creation-flags.patch [bz#1632939]\n- kvm-block-stream-add-block-job-creation-flags.patch [bz#1632939]\n- kvm-block-commit-refactor-commit-to-use-job-callbacks.patch [bz#1632939]\n- kvm-block-mirror-don-t-install-backing-chain-on-abort.patch [bz#1632939]\n- kvm-block-mirror-conservative-mirror_exit-refactor.patch [bz#1632939]\n- kvm-block-stream-refactor-stream-to-use-job-callbacks.patch [bz#1632939]\n- kvm-tests-blockjob-replace-Blockjob-with-Job.patch [bz#1632939]\n- kvm-tests-test-blockjob-remove-exit-callback.patch [bz#1632939]\n- kvm-tests-test-blockjob-txn-move-.exit-to-.clean.patch [bz#1632939]\n- kvm-jobs-remove-.exit-callback.patch [bz#1632939]\n- kvm-qapi-block-commit-expose-new-job-properties.patch [bz#1632939]\n- kvm-qapi-block-mirror-expose-new-job-properties.patch [bz#1632939]\n- kvm-qapi-block-stream-expose-new-job-properties.patch [bz#1632939]\n- kvm-block-backup-qapi-documentation-fixup.patch [bz#1632939]\n- kvm-blockdev-document-transactional-shortcomings.patch [bz#1632939]\n- Resolves: bz#1608765\n (After postcopy migration, do savevm and loadvm, guest hang and call trace)\n- Resolves: bz#1632939\n (qemu blockjobs other than backup do not support job-finalize or job-dismiss)\n[2.12.0-32.el8]\n- kvm-Re-enable-disabled-Hyper-V-enlightenments.patch [bz#1625185]\n- kvm-Fix-annocheck-issues.patch [bz#1624164]\n- kvm-exec-check-that-alignment-is-a-power-of-two.patch [bz#1630746]\n- kvm-curl-Make-sslverify-off-disable-host-as-well-as-peer.patch [bz#1575925]\n- Resolves: bz#1575925\n ('SSL: no alternative certificate subject name matches target host name' error even though sslverify = off)\n- Resolves: bz#1624164\n (Review annocheck distro flag failures in qemu-kvm)\n- Resolves: bz#1625185\n (Re-enable disabled Hyper-V enlightenments)\n- Resolves: bz#1630746\n (qemu_ram_mmap: Assertion skip_bytes < pnum' failed.)\n- Resolves: bz#1591076\n (The driver of 'throttle' is not whitelisted)\n- Resolves: bz#1592817\n (Retrying on serial_xmit if the pipe is broken may compromise the Guest)\n- Resolves: bz#1594135\n (system_reset many times linux guests cause qemu process Aborted)\n- Resolves: bz#1595173\n (blockdev-create is blocking)\n- Resolves: bz#1595180\n (Can't set rerror/werror with usb-storage)\n- Resolves: bz#1595740\n (RHEL-Alt-7.6 - qemu has error during migration of larger guests)\n- Resolves: bz#1599335\n (Image creation locking is too tight and is not properly released)\n- Resolves: bz#1599515\n (qemu core-dump with aio_read via hmp (util/qemu-thread-posix.c:64: qemu_mutex_lock_impl: Assertion *pnum && (((*pnum) % (align)) == 0) && align > offset - aligned_offset\\' failed))\n- Resolves: bz#1707192\n (implement missing reset handler for cfi.pflash01 - slow train)\n- Resolves: bz#1727642\n (CVE-2019-6778 qemu-kvm: QEMU: slirp: heap buffer overflow in tcp_emu())\n- Resolves: bz#1732642\n (enable the virtio-net frontend to work with the vhost-net backend in SEV guests)\n- Resolves: bz#1734751\n (CVE-2019-14378 qemu-kvm: QEMU: slirp: heap buffer overflow during packet reassembly [rhel-8.1.0])\n[2.12.0-82.el8]\n- kvm-i386-Add-new-model-of-Cascadelake-Server.patch [bz#1629906]\n- kvm-i386-Update-stepping-of-Cascadelake-Server.patch [bz#1629906]\n- kvm-target-i386-Disable-MPX-support-on-named-CPU-models.patch [bz#1629906]\n- kvm-i386-remove-the-INTEL_PT-CPUID-bit-from-named-CPU-NEW.patch [bz#1629906]\n- kvm-i386-Disable-OSPKE-on-CPU-model-definitions-NEW.patch [bz#1629906]\n- kvm-block-ssh-Convert-from-DPRINTF-macro-to-trace-events.patch [bz#1513367]\n- kvm-block-ssh-Do-not-report-read-write-flush-errors-to-t.patch [bz#1513367]\n- kvm-qemu-iotests-Fix-paths-for-NFS.patch [bz#1513367]\n- kvm-qemu-iotests-Filter-NFS-paths.patch [bz#1513367]\n- kvm-iotests-Filter-SSH-paths.patch [bz#1513367]\n- kvm-block-ssh-Implement-.bdrv_refresh_filename.patch [bz#1513367]\n- kvm-iotests-Use-Python-byte-strings-where-appropriate.patch [bz#1513367]\n- kvm-iotests-Unify-log-outputs-between-Python-2-and-3.patch [bz#1513367]\n- kvm-ssh-switch-from-libssh2-to-libssh.patch [bz#1513367]\n- kvm-redhat-switch-from-libssh2-to-libssh.patch [bz#1513367]\n- kvm-block-gluster-limit-the-transfer-size-to-512-MiB.patch [bz#1728657]\n- kvm-s390-cpumodel-fix-description-for-the-new-vector-fac.patch [bz#1729975]\n- kvm-s390x-cpumodel-remove-esort-from-the-default-model.patch [bz#1729975]\n- kvm-s390x-cpumodel-also-change-name-of-vxbeh.patch [bz#1729975]\n- kvm-s390x-cpumodel-change-internal-name-of-vxpdeh-to-mat.patch [bz#1729975]\n- kvm-target-i386-sev-Do-not-unpin-ram-device-memory-regio.patch [bz#1728958]\n- kvm-i386-Save-EFER-for-32-bit-targets.patch [bz#1689269]\n- kvm-target-i386-rename-HF_SVMI_MASK-to-HF_GUEST_MASK.patch [bz#1689269]\n- kvm-target-i386-kvm-add-VMX-migration-blocker.patch [bz#1689269]\n- kvm-target-i386-kvm-just-return-after-migrate_add_blocke.patch [bz#1689269]\n- kvm-target-i386-kvm-Delete-VMX-migration-blocker-on-vCPU.patch [bz#1689269]\n- kvm-Introduce-kvm_arch_destroy_vcpu.patch [bz#1689269]\n- kvm-target-i386-kvm-Use-symbolic-constant-for-DB-BP-exce.patch [bz#1689269]\n- kvm-target-i386-kvm-Re-inject-DB-to-guest-with-updated-D.patch [bz#1689269]\n- kvm-target-i386-kvm-Block-migration-for-vCPUs-exposed-wi.patch [bz#1689269]\n- kvm-target-i386-kvm-do-not-initialize-padding-fields.patch [bz#1689269]\n- kvm-linux-headers-synchronize-generic-and-x86-KVM-header.patch [bz#1689269]\n- kvm-vmstate-Add-support-for-kernel-integer-types.patch [bz#1689269]\n- kvm-target-i386-kvm-Add-support-for-save-and-restore-nes.patch [bz#1689269]\n- kvm-target-i386-kvm-Add-support-for-KVM_CAP_EXCEPTION_PA.patch [bz#1689269]\n- kvm-target-i386-kvm-Add-nested-migration-blocker-only-wh.patch [bz#1689269]\n- kvm-target-i386-kvm-Demand-nested-migration-kernel-capab.patch [bz#1689269]\n- kvm-target-i386-skip-KVM_GET-SET_NESTED_STATE-if-VMX-dis.patch [bz#1689269]\n- kvm-i386-kvm-Do-not-sync-nested-state-during-runtime.patch [bz#1689269]\n- Resolves: bz#1513367\n (qemu with libssh)\n- Resolves: bz#1629906\n ([Intel 8.1 Feat] qemu-kvm Introduce Cascade Lake (CLX) cpu model)\n- Resolves: bz#1689269\n (Nested KVM: support for migration of nested hypervisors - Slow Train)\n- Resolves: bz#1728657\n ('qemu-io write' to a raw image over libgfapi fails)\n- Resolves: bz#1728958\n (Hot unplug vfio-pci NIC devices from sev guest will cause qemu-kvm: sev_ram_block_removed: failed to unregister region)\n- Resolves: bz#1729975\n (RHEL 8.1 Pre-Beta - Fix for hardware CPU Model)\n[2.12.0-81.el8]\n- kvm-target-i386-add-MDS-NO-feature.patch [bz#1714792]\n- kvm-virtio-gpu-pass-down-VirtIOGPU-pointer-to-a-bunch-of.patch [bz#1531543]\n- kvm-virtio-gpu-add-iommu-support.patch [bz#1531543]\n- kvm-virtio-gpu-fix-unmap-in-error-path.patch [bz#1531543]\n- Resolves: bz#1531543\n ([RFE] add iommu support to virtio-gpu)\n- Resolves: bz#1714792\n ([Intel 8.1 FEAT] MDS_NO exposure to guest)\n[2.12.0-80.el8]\n- kvm-qxl-check-release-info-object.patch [bz#1712705]\n- kvm-iotests-Make-182-do-without-device_add.patch [bz#1707598]\n- Resolves: bz#1707598\n (qemu-iotest 182 fails without device hotplugging support)\n- Resolves: bz#1712705\n (CVE-2019-12155 qemu-kvm: QEMU: qxl: null pointer dereference while releasing spice resources [rhel-8])\n[15:2.12.0-79]\n- Rebuild all virt packages to fix RHEL's upgrade path\n- Resolves: rhbz#1695587\n (Ensure modular RPM upgrade path)\n[2.12.0-78.el8]\n- kvm-gluster-Handle-changed-glfs_ftruncate-signature.patch [bz#1721983]\n- kvm-gluster-the-glfs_io_cbk-callback-function-pointer-ad.patch [bz#1721983]\n- Resolves: bz#1721983\n (qemu-kvm can't be build with new gluster version (6.0.6))\n[2.12.0-77.el8]\n- kvm-i386-Make-arch_capabilities-migratable.patch [bz#1709970]\n- kvm-spapr-Fix-ibm-max-associativity-domains-property-num.patch [bz#1710662]\n- kvm-linux-headers-Update-for-NVLink2-passthrough-downstr.patch [bz#1710662]\n- kvm-pci-Move-NVIDIA-vendor-id-to-the-rest-of-ids.patch [bz#1710662]\n- kvm-vfio-quirks-Add-common-quirk-alloc-helper.patch [bz#1710662]\n- kvm-vfio-Make-vfio_get_region_info_cap-public.patch [bz#1710662]\n- kvm-spapr-Support-NVIDIA-V100-GPU-with-NVLink2.patch [bz#1710662]\n- kvm-qemu-kvm.spec-bump-libseccomp-2.4.0.patch [bz#1719578]\n- Resolves: bz#1709970\n ([Intel 8.1 Bug] [KVM][CLX] CPUID_7_0_EDX_ARCH_CAPABILITIES is not enabled in VM - qemu-kvm)\n- Resolves: bz#1710662\n ([IBM 8.1 FEAT] POWER9 - Virt: qemu: NVLink2 passthru to guest - Nvidia Volta (GPU) (kvm))\n- Resolves: bz#1719578\n (VM failed to start with error 'failed to install seccomp syscall filter in the kernel')\n[2.12.0-76.el8]\n- kvm-Introduce-new-no_guest_reset-parameter-for-usb-host-.patch [bz#1713677]\n- kvm-usb-call-reset-handler-before-updating-state.patch [bz#1713677]\n- kvm-usb-host-skip-reset-for-untouched-devices.patch [bz#1713677]\n- kvm-usb-host-avoid-libusb_set_configuration-calls.patch [bz#1713677]\n- kvm-virtio-scsi-Move-BlockBackend-back-to-the-main-AioCo.patch [bz#1673396 bz#1673401]\n- kvm-scsi-disk-Acquire-the-AioContext-in-scsi_-_realize.patch [bz#1673396 bz#1673401]\n- kvm-virtio-scsi-Forbid-devices-with-different-iothreads-.patch [bz#1673396 bz#1673401]\n- kvm-Disable-VXHS-support.patch [bz#1714933]\n- Resolves: bz#1673396\n (qemu-kvm core dumped after hotplug the deleted disk with iothread parameter)\n- Resolves: bz#1673401\n (Qemu core dump when start guest with two disks using same drive)\n- Resolves: bz#1713677\n (Detached device when trying to upgrade USB device firmware when in doing USB Passthrough via QEMU)\n- Resolves: bz#1714933\n (Disable VXHS in qemu-kvm)\n[2.12.0-75.el8]\n- kvm-s390x-cpumodel-enum-type-S390FeatGroup-now-gets-gene.patch [bz#1660912]\n- kvm-linux-headers-update-against-Linux-5.2-rc1.patch [bz#1660912]\n- kvm-s390x-cpumodel-ignore-csske-for-expansion.patch [bz#1660912]\n- kvm-s390x-cpumodel-Miscellaneous-Instruction-Extensions-.patch [bz#1660912]\n- kvm-s390x-cpumodel-msa9-facility.patch [bz#1660912]\n- kvm-s390x-cpumodel-vector-enhancements.patch [bz#1660912]\n- kvm-s390x-cpumodel-enhanced-sort-facility.patch [bz#1660912]\n- kvm-s390x-cpumodel-add-Deflate-conversion-facility.patch [bz#1660912]\n- kvm-s390x-cpumodel-add-gen15-defintions.patch [bz#1660912]\n- kvm-s390x-cpumodel-wire-up-8561-and-8562-as-gen15-machin.patch [bz#1660912]\n- kvm-spice-set-device-address-and-device-display-ID-in-QX.patch [bz#1712946]\n- kvm-hw-pci-Add-missing-include.patch [bz#1712946]\n- Resolves: bz#1660912\n ([IBM 8.1 FEAT] KVM s390x: Add hardware CPU Model - qemu part)\n- Resolves: bz#1712946\n (qemu-kvm build is broken due to spice_qxl_set_max_monitors being deprecated)\n[2.12.0-74.el8]\n- kvm-x86-cpu-Enable-CLDEMOTE-Demote-Cache-Line-cpu-featur.patch [bz#1696436]\n- kvm-memory-Fix-the-memory-region-type-assignment-order.patch [bz#1667249]\n- kvm-target-i386-sev-Do-not-pin-the-ram-device-memory-reg.patch [bz#1667249]\n- kvm-block-Fix-invalidate_cache-error-path-for-parent-act.patch [bz#1673010]\n- kvm-target-i386-define-md-clear-bit.patch [bz#1703302 bz#1703308]\n- Resolves: bz#1667249\n (Fail to launch AMD SEV VM with assigned PCI device)\n- Resolves: bz#1673010\n (Local VM and migrated VM on the same host can run with same RAW file as visual disk source while without shareable configured or lock manager enabled)\n- Resolves: bz#1696436\n ([Intel 8.0 Feat] KVM Enabling SnowRidge new NIs - qemu-kvm)\n- Resolves: bz#1703302\n (CVE-2018-12130 virt:rhel/qemu-kvm: hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS) [rhel-8])\n- Resolves: bz#1703308\n (CVE-2018-12127 virt:rhel/qemu-kvm: hardware: Micro-architectural Load Port Data Sampling - Information Leak (MLPDS) [rhel-8])\n[2.12.0-73.el8]\n- kvm-i386-remove-the-INTEL_PT-CPUID-bit-from-named-CPU-mo.patch [bz#1561761]\n- kvm-i386-Disable-OSPKE-on-CPU-model-definitions.patch [bz#1561761]\n- Resolves: bz#1561761\n ([Intel 8.1 Feat] qemu-kvm Introduce Icelake cpu model)\n[2.12.0-72.el8]\n- kvm-Use-KVM_GET_MSR_INDEX_LIST-for-MSR_IA32_ARCH_CAP.patch [bz#1707706]\n- kvm-i386-kvm-Disable-arch_capabilities-if-MSR-can-t-be-s.patch [bz#1707706]\n- Resolves: bz#1707706\n (/builddir/build/BUILD/qemu-2.12.0/target/i386/kvm.c:2031: kvm_put_msrs: Assertion is_power_of_2(align)' failed)\n[2.12.0-31.el8]\n- kvm-i386-Disable-TOPOEXT-by-default-on-cpu-host.patch [bz#1619804]\n- kvm-redhat-enable-opengl-add-build-and-runtime-deps.patch [bz#1618412]\n- Resolves: bz#1618412\n (Enable opengl (for intel vgpu display))\n- Resolves: bz#1619804\n (kernel panic in init_amd_cacheinfo)\n[2.12.0-30.el8]\n- kvm-redhat-Disable-vhost-crypto.patch [bz#1625668]\n- Resolves: bz#1625668\n (Decide if we should disable 'vhost-crypto' or not)\n[2.12.0-29.el8]\n- kvm-target-i386-sev-fix-memory-leaks.patch [bz#1615717]\n- kvm-i386-Fix-arch_query_cpu_model_expansion-leak.patch [bz#1615717]\n- kvm-redhat-Update-build-configuration.patch [bz#1573156]\n- Resolves: bz#1573156\n (Update build configure for QEMU 2.12.0)\n- Resolves: bz#1615717\n (Memory leaks)\n[2.12.0-28.el8]\n- kvm-e1000e-Do-not-auto-clear-ICR-bits-which-aren-t-set-i.patch [bz#1596024]\n- kvm-e1000e-Prevent-MSI-MSI-X-storms.patch [bz#1596024]\n- kvm-Drop-build_configure.sh-and-Makefile.local-files.patch []\n- kvm-Fix-subject-line-in-.gitpublish.patch []\n- Resolves: bz#1596024\n (The network link can't be detected on guest when the guest uses e1000e model type)\n[2.12.0-27.el8]\n- kvm-Fix-libusb-1.0.22-deprecated-libusb_set_debug-with-l.patch [bz#1622656]\n- Resolves: bz#1622656\n (qemu-kvm fails to build due to libusb_set_debug being deprecated)\n[2.12.0-26.el8]\n- kvm-redhat-remove-extra-in-rhel_rhev_conflicts-macro.patch [bz#1618752]\n- Resolves: bz#1618752\n (qemu-kvm can't be installed in RHEL-8 as it Conflicts with itself.)\n[2.12.0-25.el8]\n- kvm-Migration-TLS-Fix-crash-due-to-double-cleanup.patch [bz#1594384]\n- Resolves: bz#1594384\n (2.12 migration fixes)\n[2.12.0-24.el8]\n- kvm-Add-qemu-keymap-to-qemu-kvm-common.patch [bz#1593117]\n- Resolves: bz#1593117\n (add qemu-keymap utility)\n[2.12.0-23.el8]\n- Fixing an issue with some old command in the spec file\n[2.12.0-22.el8]\n- Fix an issue with the build_configure script.\n- Resolves: bz#1425820\n (Improve QEMU packaging layout with modularization of the block layer)\n[2.12.0-20.el8]\n- kvm-migration-stop-compressing-page-in-migration-thread.patch [bz#1594384]\n- kvm-migration-stop-compression-to-allocate-and-free-memo.patch [bz#1594384]\n- kvm-migration-stop-decompression-to-allocate-and-free-me.patch [bz#1594384]\n- kvm-migration-detect-compression-and-decompression-error.patch [bz#1594384]\n- kvm-migration-introduce-control_save_page.patch [bz#1594384]\n- kvm-migration-move-some-code-to-ram_save_host_page.patch [bz#1594384]\n- kvm-migration-move-calling-control_save_page-to-the-comm.patch [bz#1594384]\n- kvm-migration-move-calling-save_zero_page-to-the-common-.patch [bz#1594384]\n- kvm-migration-introduce-save_normal_page.patch [bz#1594384]\n- kvm-migration-remove-ram_save_compressed_page.patch [bz#1594384]\n- kvm-migration-block-dirty-bitmap-fix-memory-leak-in-dirt.patch [bz#1594384]\n- kvm-migration-fix-saving-normal-page-even-if-it-s-been-c.patch [bz#1594384]\n- kvm-migration-update-index-field-when-delete-or-qsort-RD.patch [bz#1594384]\n- kvm-migration-introduce-decompress-error-check.patch [bz#1594384]\n- kvm-migration-Don-t-activate-block-devices-if-using-S.patch [bz#1594384]\n- kvm-migration-not-wait-RDMA_CM_EVENT_DISCONNECTED-event-.patch [bz#1594384]\n- kvm-migration-block-dirty-bitmap-fix-dirty_bitmap_load.patch [bz#1594384]\n- kvm-s390x-add-RHEL-7.6-machine-type-for-ccw.patch [bz#1595718]\n- kvm-s390x-cpumodel-default-enable-bpb-and-ppa15-for-z196.patch [bz#1595718]\n- kvm-linux-headers-asm-s390-kvm.h-header-sync.patch [bz#1612938]\n- kvm-s390x-kvm-add-etoken-facility.patch [bz#1612938]\n- Resolves: bz#1594384\n (2.12 migration fixes)\n- Resolves: bz#1595718\n (Add ppa15/bpb to the default cpu model for z196 and higher in the 7.6 s390-ccw-virtio machine)\n- Resolves: bz#1612938\n (Add etoken support to qemu-kvm for s390x KVM guests)\n[2.12.0-18.el8]\nMass import from RHEL 7.6 qemu-kvm-rhev, including fixes to the following BZs:\n- kvm-AArch64-Add-virt-rhel7.6-machine-type.patch [bz#1558723]\n- kvm-cpus-Fix-event-order-on-resume-of-stopped-guest.patch [bz#1566153]\n- kvm-qemu-img-Check-post-truncation-size.patch [bz#1523065]\n- kvm-vga-catch-depth-0.patch [bz#1575541]\n- kvm-Fix-x-hv-max-vps-compat-value-for-7.4-machine-type.patch [bz#1583959]\n- kvm-ccid-card-passthru-fix-regression-in-realize.patch [bz#1584984]\n- kvm-Use-4-MB-vram-for-cirrus.patch [bz#1542080]\n- kvm-spapr_pci-Remove-unhelpful-pagesize-warning.patch [bz#1505664]\n- kvm-rpm-Add-nvme-VFIO-driver-to-rw-whitelist.patch [bz#1416180]\n- kvm-qobject-Use-qobject_to-instead-of-type-cast.patch [bz#1557995]\n- kvm-qobject-Ensure-base-is-at-offset-0.patch [bz#1557995]\n- kvm-qobject-use-a-QObjectBase_-struct.patch [bz#1557995]\n- kvm-qobject-Replace-qobject_incref-QINCREF-qobject_decre.patch [bz#1557995]\n- kvm-qobject-Modify-qobject_ref-to-return-obj.patch [bz#1557995]\n- kvm-rbd-Drop-deprecated-drive-parameter-filename.patch [bz#1557995]\n- kvm-iscsi-Drop-deprecated-drive-parameter-filename.patch [bz#1557995]\n- kvm-block-Add-block-specific-QDict-header.patch [bz#1557995]\n- kvm-qobject-Move-block-specific-qdict-code-to-block-qdic.patch [bz#1557995]\n- kvm-block-Fix-blockdev-for-certain-non-string-scalars.patch [bz#1557995]\n- kvm-block-Fix-drive-for-certain-non-string-scalars.patch [bz#1557995]\n- kvm-block-Clean-up-a-misuse-of-qobject_to-in-.bdrv_co_cr.patch [bz#1557995]\n- kvm-block-Factor-out-qobject_input_visitor_new_flat_conf.patch [bz#1557995]\n- kvm-block-Make-remaining-uses-of-qobject-input-visitor-m.patch [bz#1557995]\n- kvm-block-qdict-Simplify-qdict_flatten_qdict.patch [bz#1557995]\n- kvm-block-qdict-Tweak-qdict_flatten_qdict-qdict_flatten_.patch [bz#1557995]\n- kvm-block-qdict-Clean-up-qdict_crumple-a-bit.patch [bz#1557995]\n- kvm-block-qdict-Simplify-qdict_is_list-some.patch [bz#1557995]\n- kvm-check-block-qdict-Rename-qdict_flatten-s-variables-f.patch [bz#1557995]\n- kvm-check-block-qdict-Cover-flattening-of-empty-lists-an.patch [bz#1557995]\n- kvm-block-Fix-blockdev-blockdev-add-for-empty-objects-an.patch [bz#1557995]\n- kvm-rbd-New-parameter-auth-client-required.patch [bz#1557995]\n- kvm-rbd-New-parameter-key-secret.patch [bz#1557995]\n- kvm-block-mirror-honor-ratelimit-again.patch [bz#1572856]\n- kvm-block-mirror-Make-cancel-always-cancel-pre-READY.patch [bz#1572856]\n- kvm-iotests-Add-test-for-cancelling-a-mirror-job.patch [bz#1572856]\n- kvm-iotests-Split-214-off-of-122.patch [bz#1518738]\n- kvm-block-Add-COR-filter-driver.patch [bz#1518738]\n- kvm-block-BLK_PERM_WRITE-includes-._UNCHANGED.patch [bz#1518738]\n- kvm-block-Add-BDRV_REQ_WRITE_UNCHANGED-flag.patch [bz#1518738]\n- kvm-block-Set-BDRV_REQ_WRITE_UNCHANGED-for-COR-writes.patch [bz#1518738]\n- kvm-block-quorum-Support-BDRV_REQ_WRITE_UNCHANGED.patch [bz#1518738]\n- kvm-block-Support-BDRV_REQ_WRITE_UNCHANGED-in-filters.patch [bz#1518738]\n- kvm-iotests-Clean-up-wrap-image-in-197.patch [bz#1518738]\n- kvm-iotests-Copy-197-for-COR-filter-driver.patch [bz#1518738]\n- kvm-iotests-Add-test-for-COR-across-nodes.patch [bz#1518738]\n- kvm-qemu-io-Use-purely-string-blockdev-options.patch [bz#1576598]\n- kvm-qemu-img-Use-only-string-options-in-img_open_opts.patch [bz#1576598]\n- kvm-iotests-Add-test-for-U-force-share-conflicts.patch [bz#1576598]\n- kvm-qemu-io-Drop-command-functions-return-values.patch [bz#1519617]\n- kvm-qemu-io-Let-command-functions-return-error-code.patch [bz#1519617]\n- kvm-qemu-io-Exit-with-error-when-a-command-failed.patch [bz#1519617]\n- kvm-iotests.py-Add-qemu_io_silent.patch [bz#1519617]\n- kvm-iotests-Let-216-make-use-of-qemu-io-s-exit-code.patch [bz#1519617]\n- kvm-qcow2-Repair-OFLAG_COPIED-when-fixing-leaks.patch [bz#1527085]\n- kvm-iotests-Repairing-error-during-snapshot-deletion.patch [bz#1527085]\n- kvm-block-Make-bdrv_is_writable-public.patch [bz#1588039]\n- kvm-qcow2-Do-not-mark-inactive-images-corrupt.patch [bz#1588039]\n- kvm-iotests-Add-case-for-a-corrupted-inactive-image.patch [bz#1588039]\n- kvm-main-loop-drop-spin_counter.patch [bz#1168213]\n- kvm-target-ppc-Factor-out-the-parsing-in-kvmppc_get_cpu_.patch [bz#1560847]\n- kvm-target-ppc-Don-t-require-private-l1d-cache-on-POWER8.patch [bz#1560847]\n- kvm-ppc-spapr_caps-Don-t-disable-cap_cfpc-on-POWER8-by-d.patch [bz#1560847]\n- kvm-qxl-fix-local-renderer-crash.patch [bz#1567733]\n- kvm-qemu-img-Amendment-support-implies-create_opts.patch [bz#1537956]\n- kvm-block-Add-Error-parameter-to-bdrv_amend_options.patch [bz#1537956]\n- kvm-qemu-option-Pull-out-Supported-options-print.patch [bz#1537956]\n- kvm-qemu-img-Add-print_amend_option_help.patch [bz#1537956]\n- kvm-qemu-img-Recognize-no-creation-support-in-o-help.patch [bz#1537956]\n- kvm-iotests-Test-help-option-for-unsupporting-formats.patch [bz#1537956]\n- kvm-iotests-Rework-113.patch [bz#1537956]\n- kvm-qemu-img-Resolve-relative-backing-paths-in-rebase.patch [bz#1569835]\n- kvm-iotests-Add-test-for-rebasing-with-relative-paths.patch [bz#1569835]\n- kvm-qemu-img-Special-post-backing-convert-handling.patch [bz#1527898]\n- kvm-iotests-Test-post-backing-convert-target-behavior.patch [bz#1527898]\n- kvm-migration-calculate-expected_downtime-with-ram_bytes.patch [bz#1564576]\n- kvm-sheepdog-Fix-sd_co_create_opts-memory-leaks.patch [bz#1513543]\n- kvm-qemu-iotests-reduce-chance-of-races-in-185.patch [bz#1513543]\n- kvm-blockjob-do-not-cancel-timer-in-resume.patch [bz#1513543]\n- kvm-nfs-Fix-error-path-in-nfs_options_qdict_to_qapi.patch [bz#1513543]\n- kvm-nfs-Remove-processed-options-from-QDict.patch [bz#1513543]\n- kvm-blockjob-drop-block_job_pause-resume_all.patch [bz#1513543]\n- kvm-blockjob-expose-error-string-via-query.patch [bz#1513543]\n- kvm-blockjob-Fix-assertion-in-block_job_finalize.patch [bz#1513543]\n- kvm-blockjob-Wrappers-for-progress-counter-access.patch [bz#1513543]\n- kvm-blockjob-Move-RateLimit-to-BlockJob.patch [bz#1513543]\n- kvm-blockjob-Implement-block_job_set_speed-centrally.patch [bz#1513543]\n- kvm-blockjob-Introduce-block_job_ratelimit_get_delay.patch [bz#1513543]\n- kvm-blockjob-Add-block_job_driver.patch [bz#1513543]\n- kvm-blockjob-Update-block-job-pause-resume-documentation.patch [bz#1513543]\n- kvm-blockjob-Improve-BlockJobInfo.offset-len-documentati.patch [bz#1513543]\n- kvm-job-Create-Job-JobDriver-and-job_create.patch [bz#1513543]\n- kvm-job-Rename-BlockJobType-into-JobType.patch [bz#1513543]\n- kvm-job-Add-JobDriver.job_type.patch [bz#1513543]\n- kvm-job-Add-job_delete.patch [bz#1513543]\n- kvm-job-Maintain-a-list-of-all-jobs.patch [bz#1513543]\n- kvm-job-Move-state-transitions-to-Job.patch [bz#1513543]\n- kvm-job-Add-reference-counting.patch [bz#1513543]\n- kvm-job-Move-cancelled-to-Job.patch [bz#1513543]\n- kvm-job-Add-Job.aio_context.patch [bz#1513543]\n- kvm-job-Move-defer_to_main_loop-to-Job.patch [bz#1513543]\n- kvm-job-Move-coroutine-and-related-code-to-Job.patch [bz#1513543]\n- kvm-job-Add-job_sleep_ns.patch [bz#1513543]\n- kvm-job-Move-pause-resume-functions-to-Job.patch [bz#1513543]\n- kvm-job-Replace-BlockJob.completed-with-job_is_completed.patch [bz#1513543]\n- kvm-job-Move-BlockJobCreateFlags-to-Job.patch [bz#1513543]\n- kvm-blockjob-Split-block_job_event_pending.patch [bz#1513543]\n- kvm-job-Add-job_event_.patch [bz#1513543]\n- kvm-job-Move-single-job-finalisation-to-Job.patch [bz#1513543]\n- kvm-job-Convert-block_job_cancel_async-to-Job.patch [bz#1513543]\n- kvm-job-Add-job_drain.patch [bz#1513543]\n- kvm-job-Move-.complete-callback-to-Job.patch [bz#1513543]\n- kvm-job-Move-job_finish_sync-to-Job.patch [bz#1513543]\n- kvm-job-Switch-transactions-to-JobTxn.patch [bz#1513543]\n- kvm-job-Move-transactions-to-Job.patch [bz#1513543]\n- kvm-job-Move-completion-and-cancellation-to-Job.patch [bz#1513543]\n- kvm-block-Cancel-job-in-bdrv_close_all-callers.patch [bz#1513543]\n- kvm-job-Add-job_yield.patch [bz#1513543]\n- kvm-job-Add-job_dismiss.patch [bz#1513543]\n- kvm-job-Add-job_is_ready.patch [bz#1513543]\n- kvm-job-Add-job_transition_to_ready.patch [bz#1513543]\n- kvm-job-Move-progress-fields-to-Job.patch [bz#1513543]\n- kvm-job-Introduce-qapi-job.json.patch [bz#1513543]\n- kvm-job-Add-JOB_STATUS_CHANGE-QMP-event.patch [bz#1513543]\n- kvm-job-Add-lifecycle-QMP-commands.patch [bz#1513543]\n- kvm-job-Add-query-jobs-QMP-command.patch [bz#1513543]\n- kvm-blockjob-Remove-BlockJob.driver.patch [bz#1513543]\n- kvm-iotests-Move-qmp_to_opts-to-VM.patch [bz#1513543]\n- kvm-qemu-iotests-Test-job-with-block-jobs.patch [bz#1513543]\n- kvm-vdi-Fix-vdi_co_do_create-return-value.patch [bz#1513543]\n- kvm-vhdx-Fix-vhdx_co_create-return-value.patch [bz#1513543]\n- kvm-job-Add-error-message-for-failing-jobs.patch [bz#1513543]\n- kvm-block-create-Make-x-blockdev-create-a-job.patch [bz#1513543]\n- kvm-qemu-iotests-Add-VM.get_qmp_events_filtered.patch [bz#1513543]\n- kvm-qemu-iotests-Add-VM.qmp_log.patch [bz#1513543]\n- kvm-qemu-iotests-Add-iotests.img_info_log.patch [bz#1513543]\n- kvm-qemu-iotests-Add-VM.run_job.patch [bz#1513543]\n- kvm-qemu-iotests-iotests.py-helper-for-non-file-protocol.patch [bz#1513543]\n- kvm-qemu-iotests-Rewrite-206-for-blockdev-create-job.patch [bz#1513543]\n- kvm-qemu-iotests-Rewrite-207-for-blockdev-create-job.patch [bz#1513543]\n- kvm-qemu-iotests-Rewrite-210-for-blockdev-create-job.patch [bz#1513543]\n- kvm-qemu-iotests-Rewrite-211-for-blockdev-create-job.patch [bz#1513543]\n- kvm-qemu-iotests-Rewrite-212-for-blockdev-create-job.patch [bz#1513543]\n- kvm-qemu-iotests-Rewrite-213-for-blockdev-create-job.patch [bz#1513543]\n- kvm-block-create-Mark-blockdev-create-stable.patch [bz#1513543]\n- kvm-jobs-fix-stale-wording.patch [bz#1513543]\n- kvm-jobs-fix-verb-references-in-docs.patch [bz#1513543]\n- kvm-iotests-Fix-219-s-timing.patch [bz#1513543]\n- kvm-iotests-improve-pause_job.patch [bz#1513543]\n- kvm-rpm-Whitelist-copy-on-read-block-driver.patch [bz#1518738]\n- kvm-rpm-add-throttle-driver-to-rw-whitelist.patch [bz#1591076]\n- kvm-usb-host-skip-open-on-pending-postload-bh.patch [bz#1572851]\n- kvm-i386-Define-the-Virt-SSBD-MSR-and-handling-of-it-CVE.patch [bz#1574216]\n- kvm-i386-define-the-AMD-virt-ssbd-CPUID-feature-bit-CVE-.patch [bz#1574216]\n- kvm-block-file-posix-Pass-FD-to-locking-helpers.patch [bz#1519144]\n- kvm-block-file-posix-File-locking-during-creation.patch [bz#1519144]\n- kvm-iotests-Add-creation-test-to-153.patch [bz#1519144]\n- kvm-vhost-user-add-Net-prefix-to-internal-state-structur.patch [bz#1526645]\n- kvm-virtio-support-setting-memory-region-based-host-noti.patch [bz#1526645]\n- kvm-vhost-user-support-receiving-file-descriptors-in-sla.patch [bz#1526645]\n- kvm-osdep-add-wait.h-compat-macros.patch [bz#1526645]\n- kvm-vhost-user-bridge-support-host-notifier.patch [bz#1526645]\n- kvm-vhost-allow-backends-to-filter-memory-sections.patch [bz#1526645]\n- kvm-vhost-user-allow-slave-to-send-fds-via-slave-channel.patch [bz#1526645]\n- kvm-vhost-user-introduce-shared-vhost-user-state.patch [bz#1526645]\n- kvm-vhost-user-support-registering-external-host-notifie.patch [bz#1526645]\n- kvm-libvhost-user-support-host-notifier.patch [bz#1526645]\n- kvm-block-Introduce-API-for-copy-offloading.patch [bz#1482537]\n- kvm-raw-Check-byte-range-uniformly.patch [bz#1482537]\n- kvm-raw-Implement-copy-offloading.patch [bz#1482537]\n- kvm-qcow2-Implement-copy-offloading.patch [bz#1482537]\n- kvm-file-posix-Implement-bdrv_co_copy_range.patch [bz#1482537]\n- kvm-iscsi-Query-and-save-device-designator-when-opening.patch [bz#1482537]\n- kvm-iscsi-Create-and-use-iscsi_co_wait_for_task.patch [bz#1482537]\n- kvm-iscsi-Implement-copy-offloading.patch [bz#1482537]\n- kvm-block-backend-Add-blk_co_copy_range.patch [bz#1482537]\n- kvm-qemu-img-Convert-with-copy-offloading.patch [bz#1482537]\n- kvm-qcow2-Fix-src_offset-in-copy-offloading.patch [bz#1482537]\n- kvm-iscsi-Don-t-blindly-use-designator-length-in-respons.patch [bz#1482537]\n- kvm-file-posix-Fix-EINTR-handling.patch [bz#1482537]\n- kvm-usb-storage-Add-rerror-werror-properties.patch [bz#1595180]\n- kvm-numa-clarify-error-message-when-node-index-is-out-of.patch [bz#1578381]\n- kvm-qemu-iotests-Update-026.out.nocache-reference-output.patch [bz#1528541]\n- kvm-qcow2-Free-allocated-clusters-on-write-error.patch [bz#1528541]\n- kvm-qemu-iotests-Test-qcow2-not-leaking-clusters-on-writ.patch [bz#1528541]\n- kvm-qemu-options-Add-missing-newline-to-accel-help-text.patch [bz#1586313]\n- kvm-xhci-fix-guest-triggerable-assert.patch [bz#1594135]\n- kvm-virtio-gpu-tweak-scanout-disable.patch [bz#1589634]\n- kvm-virtio-gpu-update-old-resource-too.patch [bz#1589634]\n- kvm-virtio-gpu-disable-scanout-when-backing-resource-is-.patch [bz#1589634]\n- kvm-block-Don-t-silently-truncate-node-names.patch [bz#1549654]\n- kvm-pr-helper-fix-socket-path-default-in-help.patch [bz#1533158]\n- kvm-pr-helper-fix-assertion-failure-on-failed-multipath-.patch [bz#1533158]\n- kvm-pr-manager-helper-avoid-SIGSEGV-when-writing-to-the-.patch [bz#1533158]\n- kvm-pr-manager-put-stubs-in-.c-file.patch [bz#1533158]\n- kvm-pr-manager-add-query-pr-managers-QMP-command.patch [bz#1533158]\n- kvm-pr-manager-helper-report-event-on-connection-disconn.patch [bz#1533158]\n- kvm-pr-helper-avoid-error-on-PR-IN-command-with-zero-req.patch [bz#1533158]\n- kvm-pr-helper-Rework-socket-path-handling.patch [bz#1533158]\n- kvm-pr-manager-helper-fix-memory-leak-on-event.patch [bz#1533158]\n- kvm-object-fix-OBJ_PROP_LINK_UNREF_ON_RELEASE-ambivalenc.patch [bz#1556678]\n- kvm-usb-hcd-xhci-test-add-a-test-for-ccid-hotplug.patch [bz#1556678]\n- kvm-Revert-usb-release-the-created-buses.patch [bz#1556678]\n- kvm-file-posix-Fix-creation-locking.patch [bz#1599335]\n- kvm-file-posix-Unlock-FD-after-creation.patch [bz#1599335]\n- kvm-ahci-trim-signatures-on-raise-lower.patch [bz#1584914]\n- kvm-ahci-fix-PxCI-register-race.patch [bz#1584914]\n- kvm-ahci-don-t-schedule-unnecessary-BH.patch [bz#1584914]\n- kvm-qcow2-Fix-qcow2_truncate-error-return-value.patch [bz#1595173]\n- kvm-block-Convert-.bdrv_truncate-callback-to-coroutine_f.patch [bz#1595173]\n- kvm-qcow2-Remove-coroutine-trampoline-for-preallocate_co.patch [bz#1595173]\n- kvm-block-Move-bdrv_truncate-implementation-to-io.c.patch [bz#1595173]\n- kvm-block-Use-tracked-request-for-truncate.patch [bz#1595173]\n- kvm-file-posix-Make-.bdrv_co_truncate-asynchronous.patch [bz#1595173]\n- kvm-block-Fix-copy-on-read-crash-with-partial-final-clus.patch [bz#1590640]\n- kvm-block-fix-QEMU-crash-with-scsi-hd-and-drive_del.patch [bz#1599515]\n- kvm-virtio-rng-process-pending-requests-on-DRIVER_OK.patch [bz#1576743]\n- kvm-file-posix-specify-expected-filetypes.patch [bz#1525829]\n- kvm-iotests-add-test-226-for-file-driver-types.patch [bz#1525829]\n- kvm-block-dirty-bitmap-add-lock-to-bdrv_enable-disable_d.patch [bz#1207657]\n- kvm-qapi-add-x-block-dirty-bitmap-enable-disable.patch [bz#1207657]\n- kvm-qmp-transaction-support-for-x-block-dirty-bitmap-ena.patch [bz#1207657]\n- kvm-qapi-add-x-block-dirty-bitmap-merge.patch [bz#1207657]\n- kvm-qapi-add-disabled-parameter-to-block-dirty-bitmap-ad.patch [bz#1207657]\n- kvm-block-dirty-bitmap-add-bdrv_enable_dirty_bitmap_lock.patch [bz#1207657]\n- kvm-dirty-bitmap-fix-double-lock-on-bitmap-enabling.patch [bz#1207657]\n- kvm-block-qcow2-bitmap-fix-free_bitmap_clusters.patch [bz#1207657]\n- kvm-qcow2-add-overlap-check-for-bitmap-directory.patch [bz#1207657]\n- kvm-blockdev-enable-non-root-nodes-for-backup-source.patch [bz#1207657]\n- kvm-iotests-add-222-to-test-basic-fleecing.patch [bz#1207657]\n- kvm-qcow2-Remove-dead-check-on-ret.patch [bz#1207657]\n- kvm-block-Move-request-tracking-to-children-in-copy-offl.patch [bz#1207657]\n- kvm-block-Fix-parameter-checking-in-bdrv_co_copy_range_i.patch [bz#1207657]\n- kvm-block-Honour-BDRV_REQ_NO_SERIALISING-in-copy-range.patch [bz#1207657]\n- kvm-backup-Use-copy-offloading.patch [bz#1207657]\n- kvm-block-backup-disable-copy-offloading-for-backup.patch [bz#1207657]\n- kvm-iotests-222-Don-t-run-with-luks.patch [bz#1207657]\n- kvm-block-io-fix-copy_range.patch [bz#1207657]\n- kvm-block-split-flags-in-copy_range.patch [bz#1207657]\n- kvm-block-add-BDRV_REQ_SERIALISING-flag.patch [bz#1207657]\n- kvm-block-backup-fix-fleecing-scheme-use-serialized-writ.patch [bz#1207657]\n- kvm-nbd-server-Reject-0-length-block-status-request.patch [bz#1207657]\n- kvm-nbd-server-fix-trace.patch [bz#1207657]\n- kvm-nbd-server-refactor-NBDExportMetaContexts.patch [bz#1207657]\n- kvm-nbd-server-add-nbd_meta_empty_or_pattern-helper.patch [bz#1207657]\n- kvm-nbd-server-implement-dirty-bitmap-export.patch [bz#1207657]\n- kvm-qapi-new-qmp-command-nbd-server-add-bitmap.patch [bz#1207657]\n- kvm-docs-interop-add-nbd.txt.patch [bz#1207657]\n- kvm-nbd-server-introduce-NBD_CMD_CACHE.patch [bz#1207657]\n- kvm-nbd-server-Silence-gcc-false-positive.patch [bz#1207657]\n- kvm-nbd-server-Fix-dirty-bitmap-logic-regression.patch [bz#1207657]\n- kvm-nbd-server-fix-nbd_co_send_block_status.patch [bz#1207657]\n- kvm-nbd-client-Add-x-dirty-bitmap-to-query-bitmap-from-s.patch [bz#1207657]\n- kvm-iotests-New-test-223-for-exporting-dirty-bitmap-over.patch [bz#1207657]\n- kvm-hw-char-serial-Only-retry-if-qemu_chr_fe_write-retur.patch [bz#1592817]\n- kvm-hw-char-serial-retry-write-if-EAGAIN.patch [bz#1592817]\n- kvm-throttle-groups-fix-hang-when-group-member-leaves.patch [bz#1535914]\n- kvm-Disable-aarch64-devices-reappeared-after-2.12-rebase.patch [bz#1586357]\n- kvm-Disable-split-irq-device.patch [bz#1586357]\n- kvm-Disable-AT24Cx-i2c-eeprom.patch [bz#1586357]\n- kvm-Disable-CAN-bus-devices.patch [bz#1586357]\n- kvm-Disable-new-superio-devices.patch [bz#1586357]\n- kvm-Disable-new-pvrdma-device.patch [bz#1586357]\n- kvm-qdev-add-HotplugHandler-post_plug-callback.patch [bz#1607891]\n- kvm-virtio-scsi-fix-hotplug-reset-vs-event-race.patch [bz#1607891]\n- kvm-e1000-Fix-tso_props-compat-for-82540em.patch [bz#1608778]\n- kvm-slirp-correct-size-computation-while-concatenating-m.patch [bz#1586255]\n- kvm-s390x-sclp-fix-maxram-calculation.patch [bz#1595740]\n- kvm-redhat-Make-gitpublish-profile-the-default-one.patch [bz#1425820]\n- Resolves: bz#1168213\n (main-loop: WARNING: I/O thread spun for 1000 iterations while doing stream block device.)\n- Resolves: bz#1207657\n (RFE: QEMU Incremental live backup - push and pull modes)\n- Resolves: bz#1416180\n (QEMU VFIO based block driver for NVMe devices)\n- Resolves: bz#1425820\n (Improve QEMU packaging layout with modularization of the block layer)\n- Resolves: bz#1482537\n ([RFE] qemu-img copy-offloading (convert command))\n- Resolves: bz#1505664\n ('qemu-kvm: System page size 0x1000000 is not enabled in page_size_mask (0x11000). Performance may be slow' show up while using hugepage as guest's memory)\n- Resolves: bz#1513543\n ([RFE] Add block job to create format on a storage device)\n- Resolves: bz#1518738\n (Add 'copy-on-read' filter driver for use with blockdev-add)\n- Resolves: bz#1519144\n (qemu-img: image locking doesn't cover image creation)\n- Resolves: bz#1519617\n (The exit code should be non-zero when qemu-io reports an error)\n- Resolves: bz#1523065\n ('qemu-img resize' should fail to decrease the size of logical partition/lvm/iSCSI image with raw format)\n- Resolves: bz#1525829\n (can not boot up a scsi-block passthrough disk via -blockdev with error 'cannot get SG_IO version number: Operation not supported. Is this a SCSI device?')\n- Resolves: bz#1526645\n ([Intel 7.6 FEAT] vHost Data Plane Acceleration (vDPA) - vhost user client - qemu-kvm-rhev)\n- Resolves: bz#1527085\n (The copied flag should be updated during '-r leaks')\n- Resolves: bz#1527898\n ([RFE] qemu-img should leave cluster unallocated if it's read as zero throughout the backing chain)\n- Resolves: bz#1528541\n (qemu-img check reports tons of leaked clusters after re-start nfs service to resume writing data in guest)\n- Resolves: bz#1533158\n (QEMU support for libvirtd restarting qemu-pr-helper)\n- Resolves: bz#1535914\n (Disable io throttling for one member disk of a group during io will induce the other one hang with io)\n- Resolves: bz#1537956\n (RFE: qemu-img amend should list the true supported options)\n- Resolves: bz#1542080\n (Qemu core dump at cirrus_invalidate_region)\n- Resolves: bz#1549654\n (Reject node-names which would be truncated by the block layer commands)\n- Resolves: bz#1556678\n (Hot plug usb-ccid for the 2nd time with the same ID as the 1st time failed)\n- Resolves: bz#1557995\n (QAPI schema for RBD storage misses the 'password-secret' option)\n- Resolves: bz#1558723\n (Create RHEL-7.6 QEMU machine type for AArch64)\n- Resolves: bz#1560847\n ([Power8][FW b0320a_1812.861][rhel7.5rc2 3.10.0-861.el7.ppc64le][qemu-kvm-{ma,rhev}-2.10.0-21.el7_5.1.ppc64le] KVM guest does not default to ori type flush even with pseries-rhel7.5.0-sxxm)\n- Resolves: bz#1564576\n (Pegas 1.1 - Require to backport qemu-kvm patch that fixes expected_downtime calculation during migration)\n- Resolves: bz#1566153\n (IOERROR pause code lost after resuming a VM while I/O error is still present)\n- Resolves: bz#1567733\n (qemu abort when migrate during guest reboot)\n- Resolves: bz#1569835\n (qemu-img get wrong backing file path after rebasing image with relative path)\n- Resolves: bz#1572851\n (Core dumped after migration when with usb-host)\n- Resolves: bz#1572856\n ('block-job-cancel' can not cancel a 'drive-mirror' job)\n- Resolves: bz#1574216\n (CVE-2018-3639 qemu-kvm-rhev: hw: cpu: speculative store bypass [rhel-7.6])\n- Resolves: bz#1575541\n (qemu core dump while installing win10 guest)\n- Resolves: bz#1576598\n (Segfault in qemu-io and qemu-img with -U --image-opts force-share=off)\n- Resolves: bz#1576743\n (virtio-rng hangs when running on recent (2.x) QEMU versions)\n- Resolves: bz#1578381\n (Error message need update when specify numa distance with node index >=128)\n- Resolves: bz#1583959\n (Incorrect vcpu count limit for 7.4 machine types for windows guests)\n- Resolves: bz#1584914\n (SATA emulator lags and hangs)\n- Resolves: bz#1584984\n (Vm starts failed with 'passthrough' smartcard)\n- Resolves: bz#1586255\n (CVE-2018-11806 qemu-kvm-rhev: QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams [rhel-7.6])\n- Resolves: bz#1586313\n (-smp option is not easily found in the output of qemu help)\n- Resolves: bz#1586357\n (Disable new devices in 2.12)\n- Resolves: bz#1588039\n (Possible assertion failure in qemu when a corrupted image is used during an incoming migration)\n- Resolves: bz#1589634\n (Migration failed when rebooting guest with multiple virtio videos)\n- Resolves: bz#1590640\n (qemu-kvm: block/io.c:1098: bdrv_co_do_copy_on_readv: Assertion mutex->initialized' failed))\n- Resolves: bz#1607891\n (Hotplug events are sometimes lost with virtio-scsi + iothread)\n- Resolves: bz#1608778\n (qemu/migration: migrate failed from RHEL.7.6 to RHEL.7.5 with e1000-82540em)\n[2.12.0-17.el8]\n- kvm-linux-headers-Update-to-include-KVM_CAP_S390_HPAGE_1.patch [bz#1610906]\n- kvm-s390x-Enable-KVM-huge-page-backing-support.patch [bz#1610906]\n- kvm-redhat-s390x-add-hpage-1-to-kvm.conf.patch [bz#1610906]\n- Resolves: bz#1610906\n ([IBM 8.0 FEAT] KVM: Huge Pages - libhugetlbfs Enablement - qemu-kvm part)\n[2.12.0-16.el8]\n- kvm-spapr-Correct-inverted-test-in-spapr_pc_dimm_node.patch [bz#1601671]\n- kvm-osdep-powerpc64-align-memory-to-allow-2MB-radix-THP-.patch [bz#1601317]\n- kvm-RHEL-8.0-Add-pseries-rhel7.6.0-sxxm-machine-type.patch [bz#1595501]\n- kvm-i386-Helpers-to-encode-cache-information-consistentl.patch [bz#1597739]\n- kvm-i386-Add-cache-information-in-X86CPUDefinition.patch [bz#1597739]\n- kvm-i386-Initialize-cache-information-for-EPYC-family-pr.patch [bz#1597739]\n- kvm-i386-Add-new-property-to-control-cache-info.patch [bz#1597739]\n- kvm-i386-Clean-up-cache-CPUID-code.patch [bz#1597739]\n- kvm-i386-Populate-AMD-Processor-Cache-Information-for-cp.patch [bz#1597739]\n- kvm-i386-Add-support-for-CPUID_8000_001E-for-AMD.patch [bz#1597739]\n- kvm-i386-Fix-up-the-Node-id-for-CPUID_8000_001E.patch [bz#1597739]\n- kvm-i386-Enable-TOPOEXT-feature-on-AMD-EPYC-CPU.patch [bz#1597739]\n- kvm-i386-Remove-generic-SMT-thread-check.patch [bz#1597739]\n- kvm-i386-Allow-TOPOEXT-to-be-enabled-on-older-kernels.patch [bz#1597739]\n- Resolves: bz#1595501\n (Create pseries-rhel7.6.0-sxxm machine type)\n- Resolves: bz#1597739\n (AMD EPYC/Zen SMT support for KVM / QEMU guest (qemu-kvm))\n- Resolves: bz#1601317\n (RHEL8.0 - qemu patch to align memory to allow 2MB THP)\n- Resolves: bz#1601671\n (After rebooting guest,all the hot plug memory will be assigned to the 1st numa node.)\n[2.12.0-15.el8]\n- kvm-spapr-Add-ibm-max-associativity-domains-property.patch [bz#1599593]\n- kvm-Revert-spapr-Don-t-allow-memory-hotplug-to-memory-le.patch [bz#1599593]\n- kvm-simpletrace-Convert-name-from-mapping-record-to-str.patch [bz#1594969]\n- kvm-tests-fix-TLS-handshake-failure-with-TLS-1.3.patch [bz#1602403]\n- Resolves: bz#1594969\n (simpletrace.py fails when running with Python 3)\n- Resolves: bz#1599593\n (User can't hotplug memory to less memory numa node on rhel8)\n- Resolves: bz#1602403\n (test-crypto-tlssession unit test fails with assertions)\n[2.12.0-14.el8]\n- kvm-vfio-pci-Default-display-option-to-off.patch [bz#1590511]\n- kvm-python-futurize-f-libfuturize.fixes.fix_print_with_i.patch [bz#1571533]\n- kvm-python-futurize-f-lib2to3.fixes.fix_except.patch [bz#1571533]\n- kvm-Revert-Defining-a-shebang-for-python-scripts.patch [bz#1571533]\n- kvm-spec-Fix-ambiguous-python-interpreter-name.patch [bz#1571533]\n- kvm-qemu-ga-blacklisting-guest-exec-and-guest-exec-statu.patch [bz#1518132]\n- kvm-redhat-rewrap-build_configure.sh-cmdline-for-the-rh-.patch\n- kvm-redhat-remove-the-VTD-LIVE_BLOCK_OPS-and-RHV-options.patch\n- kvm-redhat-fix-the-rh-env-prep-target-s-dependency-on-th.patch\n- kvm-redhat-remove-dead-code-related-to-s390-not-s390x.patch\n- kvm-redhat-sync-compiler-flags-from-the-spec-file-to-rh-.patch\n- kvm-redhat-sync-guest-agent-enablement-and-tcmalloc-usag.patch\n- kvm-redhat-fix-up-Python-3-dependency-for-building-QEMU.patch\n- kvm-redhat-fix-up-Python-dependency-for-SRPM-generation.patch\n- kvm-redhat-disable-glusterfs-dependency-support-temporar.patch\n- Resolves: bz#1518132\n (Ensure file access RPCs are disabled by default)\n- Resolves: bz#1571533\n (Convert qemu-kvm python scripts to python3)\n- Resolves: bz#1590511\n (Fails to start guest with Intel vGPU device)\n[2.12.0-13.el8]\n- Resolves: bz#1508137\n ([IBM 8.0 FEAT] KVM: Interactive Bootloader (qemu))\n- Resolves: bz#1513558\n (Remove RHEL6 machine types)\n- Resolves: bz#1568600\n (pc-i440fx-rhel7.6.0 and pc-q35-rhel7.6.0 machine types (x86))\n- Resolves: bz#1570029\n ([IBM 8.0 FEAT] KVM: 3270 Connectivity - qemu part)\n- Resolves: bz#1578855\n (Enable Native Ceph support on non x86_64 CPUs)\n- Resolves: bz#1585651\n (RHEL 7.6 new pseries machine type (ppc64le))\n- Resolves: bz#1592337\n ([IBM 8.0 FEAT] KVM: CPU Model z14 ZR1 (qemu-kvm))\n[2.12.0-11.el8.1]\n- Resolves: bz#1576468\n (Enable vhost_user in qemu-kvm 2.12)\n[2.12.0-11.el8]\n- Resolves: bz#1574406\n ([RHEL 8][qemu-kvm] Failed to find romfile 'efi-virtio.rom')\n- Resolves: bz#1569675\n (Backwards compatibility of pc-*-rhel7.5.0 and older machine-types)\n- Resolves: bz#1576045\n (Fix build issue by using python3)\n- Resolves: bz#1571145\n (qemu-kvm segfaults on RHEL 8 when run guestfsd under TCG)\n[2.12.0-10.el]\n- Fixing some issues with packaging.\n- Rebasing to 2.12.0-rc4\n[2.11.0-7.el8]\n- Bumping epoch for RHEL8 and dropping self-obsoleting\n[2.11.0-6.el8]\n- Rebuilding\n[2.11.0-5.el8]\n- Prepare building on RHEL-8.0\nsgabios", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-02-17T00:00:00", "type": "oraclelinux", "title": "virt:ol security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11806", "CVE-2018-12126", "CVE-2018-12127", "CVE-2018-12130", "CVE-2018-17963", "CVE-2018-20815", "CVE-2018-3639", "CVE-2019-10132", "CVE-2019-10161", "CVE-2019-10166", "CVE-2019-10167", "CVE-2019-10168", "CVE-2019-11091", "CVE-2019-11135", "CVE-2019-12155", "CVE-2019-14378", "CVE-2019-15890", "CVE-2019-6501", "CVE-2019-6778"], "modified": "2020-02-17T00:00:00", "id": "ELSA-2020-0279", "href": "http://linux.oracle.com/errata/ELSA-2020-0279.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2021-10-19T20:39:50", "description": "Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.\n\nSecurity Fix(es):\n\n* ntfs-3g: heap-based buffer overflow leads to local root privilege escalation (CVE-2019-9755)\n\n* QEMU: slirp: information leakage in tcp_emu() due to uninitialized stack variables (CVE-2019-9824)\n\n* QEMU: qxl: null pointer dereference while releasing spice resources (CVE-2019-12155)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-11-05T17:33:34", "type": "redhat", "title": "(RHSA-2019:3345) Low: virt:rhel security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12155", "CVE-2019-9755", "CVE-2019-9824"], "modified": "2019-11-05T19:47:18", "id": "RHSA-2019:3345", "href": "https://access.redhat.com/errata/RHSA-2019:3345", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-19T20:35:42", "description": "Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.\n\nSecurity Fix(es):\n\n* QEMU: qxl: null pointer dereference while releasing spice resources (CVE-2019-12155)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-09-03T13:20:18", "type": "redhat", "title": "(RHSA-2019:2607) Low: qemu-kvm security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12155"], "modified": "2019-09-03T15:40:31", "id": "RHSA-2019:2607", "href": "https://access.redhat.com/errata/RHSA-2019:2607", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-19T20:39:01", "description": "Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.\n\nSecurity Fix(es):\n\n* QEMU: Slirp: information leakage in tcp_emu() due to uninitialized stack variables (CVE-2019-9824)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-07-02T10:35:37", "type": "redhat", "title": "(RHSA-2019:1650) Low: qemu-kvm security update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9824"], "modified": "2019-07-02T11:00:03", "id": "RHSA-2019:1650", "href": "https://access.redhat.com/errata/RHSA-2019:1650", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-19T20:36:57", "description": "Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.\n\nSecurity Fix(es):\n\n* QEMU: Slirp: information leakage in tcp_emu() due to uninitialized stack variables (CVE-2019-9824)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-08-06T07:58:28", "type": "redhat", "title": "(RHSA-2019:2078) Low: qemu-kvm security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9824"], "modified": "2019-08-06T09:45:44", "id": "RHSA-2019:2078", "href": "https://access.redhat.com/errata/RHSA-2019:2078", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-04-27T01:31:16", "description": "The libguestfs-winsupport package adds support for Windows guests to libguestfs, a set of tools and libraries allowing users to access and modify virtual machine (VM) disk images.\n\nSecurity Fix(es):\n\n* ntfs-3g: heap-based buffer overflow leads to local root privilege escalation (CVE-2019-9755)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-06T08:23:59", "type": "redhat", "title": "(RHSA-2019:2308) Low: libguestfs-winsupport security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9755"], "modified": "2019-08-06T09:43:38", "id": "RHSA-2019:2308", "href": "https://access.redhat.com/errata/RHSA-2019:2308", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:41:02", "description": "KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.\n\nSecurity Fix(es):\n\n* QEMU: slirp: heap buffer overflow during packet reassembly (CVE-2019-14378)\n\n* QEMU: qxl: null pointer dereference while releasing spice resources (CVE-2019-12155)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-12-19T15:41:46", "type": "redhat", "title": "(RHSA-2019:4344) Important: qemu-kvm-rhev security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12155", "CVE-2019-14378"], "modified": "2019-12-19T15:46:50", "id": "RHSA-2019:4344", "href": "https://access.redhat.com/errata/RHSA-2019:4344", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:35:55", "description": "KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.\n\nSecurity Fix(es):\n\n* QEMU: slirp: heap buffer overflow during packet reassembly (CVE-2019-14378)\n\n* QEMU: qxl: null pointer dereference while releasing spice resources (CVE-2019-12155)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* ccid: Fix incorrect dwProtocol advertisement of T=0 (BZ#1729880)\n\n* QEMU gets stuck on resume/cont call from libvirt (BZ#1741937)\n\n* [v2v] Migration performance regression (BZ#1743322)\n\n* qemu, qemu-img fail to detect alignment with XFS and Gluster/XFS on 4k block device (BZ#1745443)\n\n* qemu-kvm: backport cpuidle-haltpoll support (BZ#1746282)\n\n* qemu aborts in blockCommit: qemu-kvm: block.c:3486 (BZ#1750322)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-10-22T15:12:07", "type": "redhat", "title": "(RHSA-2019:3179) Important: qemu-kvm-rhev security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12155", "CVE-2019-14378"], "modified": "2019-10-23T08:37:37", "id": "RHSA-2019:3179", "href": "https://access.redhat.com/errata/RHSA-2019:3179", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:38:31", "description": "KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.\n\nSecurity Fix(es):\n\n* QEMU: slirp: heap buffer overflow during packet reassembly (CVE-2019-14378)\n\n* QEMU: qxl: null pointer dereference while releasing spice resources (CVE-2019-12155)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-11-06T15:01:04", "type": "redhat", "title": "(RHSA-2019:3742) Important: qemu-kvm-rhev security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12155", "CVE-2019-14378"], "modified": "2019-11-06T15:05:21", "id": "RHSA-2019:3742", "href": "https://access.redhat.com/errata/RHSA-2019:3742", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:38:00", "description": "KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.\n\nSecurity Fix(es):\n\n* QEMU: slirp: heap buffer overflow during packet reassembly (CVE-2019-14378)\n\n* QEMU: qxl: null pointer dereference while releasing spice resources (CVE-2019-12155)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-11-07T12:47:56", "type": "redhat", "title": "(RHSA-2019:3787) Important: qemu-kvm-rhev security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12155", "CVE-2019-14378"], "modified": "2019-11-07T12:57:37", "id": "RHSA-2019:3787", "href": "https://access.redhat.com/errata/RHSA-2019:3787", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:39:48", "description": "KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.\n\nSecurity Fix(es):\n\n* QEMU: slirp: heap buffer overflow during packet reassembly (CVE-2019-14378)\n\n* QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server (CVE-2020-1711)\n\n* QEMU: qxl: null pointer dereference while releasing spice resources (CVE-2019-12155)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* After host update, older windows clients have large time drift (BZ#1639098)\n\n* [v2v] Migration performance regression (BZ#1648622)\n\n* Live storage migration fails with: TimeoutError: Timed out during operation: cannot acquire state change lock (held by monitor=remoteDispatchConnectGetAllDomainStats) and the VM becomes 'Not Responding' (BZ#1665256)\n\n* QEMU gets stuck on resume/cont call from libvirt (BZ#1673546)\n\n* [Intel 7.8 Bug] [KVM][CLX] CPUID_7_0_EDX_ARCH_CAPABILITIES is not enabled in VM qemu-kvm-rhev (BZ#1709972)\n\n* qemu aborts in blockCommit: qemu-kvm: block.c:3486: bdrv_replace_node: Assertion `!({ _Static_assert(!(sizeof(*&from->in_flight) > 8), \"not expecting: \" \"sizeof(*&from->in_flight) > ATOMIC_REG_SIZE\"); __atomic_load_n(&from->in_flight, 0); })' failed. (BZ#1711643)\n\n* ccid: Fix incorrect dwProtocol advertisement of T=0 (BZ#1721522)\n\n* Fail to migrate a rhel6.10-mt7.6 guest with dimm device (BZ#1724048)\n\n* qemu-kvm: backport cpuidle-haltpoll support (BZ#1734502)\n\n* qemu, qemu-img fail to detect alignment with XFS and Gluster/XFS on 4k block device (BZ#1743365)\n\n* ISST-LTE:RHV4.3 on RHEL7.6 kvm host:Power8:Tuleta-L:lotg7: call traces dumped on guest while performing guest migration (qemu-kvm-rhev) (BZ#1743508)\n\n* qemu coredump: qemu-kvm: block/create.c:68: qmp_blockdev_create: Assertion `drv' failed (BZ#1746224)\n\n* [Data plane]virtio_scsi_ctx_check: Assertion `blk_get_aio_context(d->conf.blk) == s->ctx' failed when unplug a device that running block stream on it (BZ#1764120)\n\n* qemu-kvm crashes when Windows VM is migrated with multiqueue (BZ#1775251)\n\nEnhancement(s):\n\n* [Intel 7.8 FEAT] MDS_NO exposure to guest - qemu-kvm-rhev (BZ#1716726)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2020-03-31T14:08:10", "type": "redhat", "title": "(RHSA-2020:1216) Important: qemu-kvm-rhev security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12155", "CVE-2019-14378", "CVE-2020-1711"], "modified": "2020-03-31T14:19:44", "id": "RHSA-2020:1216", "href": "https://access.redhat.com/errata/RHSA-2020:1216", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:36:28", "description": "Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.\n\nSecurity Fix(es):\n\n* QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams (CVE-2018-11806)\n\n* QEMU: slirp: heap buffer overflow in tcp_emu() (CVE-2019-6778)\n\n* QEMU: ne2000: integer overflow leads to buffer overflow issue (CVE-2018-10839)\n\n* QEMU: pcnet: integer overflow leads to buffer overflow (CVE-2018-17962)\n\n* QEMU: qxl: null pointer dereference while releasing spice resources (CVE-2019-12155)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.5, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2019-09-24T12:48:33", "type": "redhat", "title": "(RHSA-2019:2892) Important: qemu-kvm security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10839", "CVE-2018-11806", "CVE-2018-17962", "CVE-2019-12155", "CVE-2019-6778"], "modified": "2019-09-24T13:08:59", "id": "RHSA-2019:2892", "href": "https://access.redhat.com/errata/RHSA-2019:2892", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-19T20:36:38", "description": "KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.\n\nSecurity Fix(es):\n\n* QEMU: slirp: heap buffer overflow in tcp_emu() (CVE-2019-6778)\n\n* QEMU: rtl8139: integer overflow leads to buffer overflow (CVE-2018-17958)\n\n* QEMU: net: ignore packets with large size (CVE-2018-17963)\n\n* QEMU: seccomp: blacklist is not applied to all threads (CVE-2018-15746)\n\n* QEMU: scsi-generic: possible OOB access while handling inquiry request (CVE-2019-6501)\n\n* QEMU: slirp: information leakage in tcp_emu() due to uninitialized stack variables (CVE-2019-9824)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Update qemu-kvm-rhev for RHEL 7.7 compatibility [OSP-14] (BZ#1728358)\n\n* Update qemu-kvm-rhev for RHEL 7.7 compatibility [OSP-13] (BZ#1728359)\n\n* Update qemu-kvm-rhev for RHEL 7.7 compatibility [OSP-10] (BZ#1728360)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-08-09T00:35:44", "type": "redhat", "title": "(RHSA-2019:2425) Important: qemu-kvm-rhev security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-15746", "CVE-2018-17958", "CVE-2018-17963", "CVE-2019-6501", "CVE-2019-6778", "CVE-2019-9824"], "modified": "2019-08-09T00:44:15", "id": "RHSA-2019:2425", "href": "https://access.redhat.com/errata/RHSA-2019:2425", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T20:35:50", "description": "KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.\n\nSecurity Fix(es):\n\n* A flaw was found in the implementation of the \"fill buffer\", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer while the data is fetched from higher level caches. This response time can be measured to infer data in the fill buffer. (CVE-2018-12130)\n\n* Modern Intel microprocessors implement hardware-level micro-optimizations to improve the performance of writing data back to CPU caches. The write operation is split into STA (STore Address) and STD (STore Data) sub-operations. These sub-operations allow the processor to hand-off address generation logic into these sub-operations for optimized writes. Both of these sub-operations write to a shared distributed processor structure called the 'processor store buffer'. As a result, an unprivileged attacker could use this flaw to read private data resident within the CPU's processor store buffer. (CVE-2018-12126)\n\n* Microprocessors use a \u2018load port\u2019 subcomponent to perform load operations from memory or IO. During a load operation, the load port receives data from the memory or IO subsystem and then provides the data to the CPU registers and operations in the CPU\u2019s pipelines. Stale load operations results are stored in the 'load port' table until overwritten by newer operations. Certain load-port operations triggered by an attacker can be used to reveal data about previous stale requests leaking data back to the attacker via a timing side-channel. (CVE-2018-12127)\n\n* Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. (CVE-2019-11091)\n\n* QEMU: device_tree: heap buffer overflow while loading device tree blob (CVE-2018-20815)\n\n* QEMU: rtl8139: integer overflow leads to buffer overflow (CVE-2018-17958)\n\n* QEMU: net: ignore packets with large size (CVE-2018-17963)\n\n* QEMU: scsi-generic: possible OOB access while handling inquiry request (CVE-2019-6501)\n\n* QEMU: slirp: information leakage in tcp_emu() due to uninitialized stack variables (CVE-2019-9824)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nThis update also fixes several bugs and adds various enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-08-22T09:08:03", "type": "redhat", "title": "(RHSA-2019:2553) Important: qemu-kvm-rhev security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12126", "CVE-2018-12127", "CVE-2018-12130", "CVE-2018-17958", "CVE-2018-17963", "CVE-2018-20815", "CVE-2019-11091", "CVE-2019-6501", "CVE-2019-9824"], "modified": "2019-08-22T09:12:17", "id": "RHSA-2019:2553", "href": "https://access.redhat.com/errata/RHSA-2019:2553", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "almalinux": [{"lastseen": "2022-05-12T14:57:53", "description": "Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.\n\nSecurity Fix(es):\n\n* ntfs-3g: heap-based buffer overflow leads to local root privilege escalation (CVE-2019-9755)\n\n* QEMU: slirp: information leakage in tcp_emu() due to uninitialized stack variables (CVE-2019-9824)\n\n* QEMU: qxl: null pointer dereference while releasing spice resources (CVE-2019-12155)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-11-05T17:33:34", "type": "almalinux", "title": "Low: virt:rhel security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12155", "CVE-2019-9755", "CVE-2019-9824"], "modified": "2021-12-23T15:15:25", "id": "ALSA-2019:3345", "href": "https://errata.almalinux.org/8/ALSA-2019-3345.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2022-06-16T14:52:33", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3345 advisory.\n\n - QEMU: qxl: null pointer dereference while releasing spice resources (CVE-2019-12155)\n\n - ntfs-3g: heap-based buffer overflow leads to local root privilege escalation (CVE-2019-9755)\n\n - QEMU: slirp: information leakage in tcp_emu() due to uninitialized stack variables (CVE-2019-9824)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-01-29T00:00:00", "type": "nessus", "title": "CentOS 8 : virt:rhel (CESA-2019:3345)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12155", "CVE-2019-9755", "CVE-2019-9824"], "modified": "2021-03-23T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:SLOF", "p-cpe:/a:centos:centos:hivex", "p-cpe:/a:centos:centos:hivex-devel", "p-cpe:/a:centos:centos:libguestfs", "p-cpe:/a:centos:centos:libguestfs-bash-completion", "p-cpe:/a:centos:centos:libguestfs-benchmarking", "p-cpe:/a:centos:centos:libguestfs-devel", "p-cpe:/a:centos:centos:libguestfs-gfs2", "p-cpe:/a:centos:centos:libguestfs-gobject", "p-cpe:/a:centos:centos:libguestfs-gobject-devel", "p-cpe:/a:centos:centos:libguestfs-inspect-icons", "p-cpe:/a:centos:centos:libguestfs-java", "p-cpe:/a:centos:centos:libguestfs-java-devel", "p-cpe:/a:centos:centos:libguestfs-javadoc", "p-cpe:/a:centos:centos:libguestfs-man-pages-ja", "p-cpe:/a:centos:centos:libguestfs-man-pages-uk", "p-cpe:/a:centos:centos:libguestfs-rescue", "p-cpe:/a:centos:centos:libguestfs-rsync", "p-cpe:/a:centos:centos:libguestfs-tools", "p-cpe:/a:centos:centos:libguestfs-tools-c", "p-cpe:/a:centos:centos:libguestfs-winsupport", "p-cpe:/a:centos:centos:libguestfs-xfs", "p-cpe:/a:centos:centos:libiscsi", "p-cpe:/a:centos:centos:libiscsi-devel", "p-cpe:/a:centos:centos:libiscsi-utils", "p-cpe:/a:centos:centos:libvirt", "p-cpe:/a:centos:centos:libvirt-admin", "p-cpe:/a:centos:centos:libvirt-bash-completion", "p-cpe:/a:centos:centos:libvirt-client", "p-cpe:/a:centos:centos:libvirt-daemon", "p-cpe:/a:centos:centos:libvirt-daemon-config-network", "p-cpe:/a:centos:centos:libvirt-daemon-config-nwfilter", "p-cpe:/a:centos:centos:libvirt-daemon-driver-interface", "p-cpe:/a:centos:centos:libvirt-daemon-driver-network", "p-cpe:/a:centos:centos:libvirt-daemon-driver-nodedev", "p-cpe:/a:centos:centos:libvirt-daemon-driver-nwfilter", "p-cpe:/a:centos:centos:libvirt-daemon-driver-qemu", "p-cpe:/a:centos:centos:libvirt-daemon-driver-secret", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-core", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-disk", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-gluster", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-iscsi", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-logical", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-mpath", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-rbd", "p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-scsi", "p-cpe:/a:centos:centos:libvirt-daemon-kvm", "p-cpe:/a:centos:centos:libvirt-dbus", "p-cpe:/a:centos:centos:libvirt-devel", "p-cpe:/a:centos:centos:libvirt-docs", "p-cpe:/a:centos:centos:libvirt-libs", "p-cpe:/a:centos:centos:libvirt-lock-sanlock", "p-cpe:/a:centos:centos:libvirt-nss", "p-cpe:/a:centos:centos:lua-guestfs", "p-cpe:/a:centos:centos:nbdkit", "p-cpe:/a:centos:centos:nbdkit-bash-completion", "p-cpe:/a:centos:centos:nbdkit-basic-plugins", "p-cpe:/a:centos:centos:nbdkit-devel", "p-cpe:/a:centos:centos:nbdkit-example-plugins", "p-cpe:/a:centos:centos:nbdkit-plugin-gzip", "p-cpe:/a:centos:centos:nbdkit-plugin-python-common", "p-cpe:/a:centos:centos:nbdkit-plugin-python3", "p-cpe:/a:centos:centos:nbdkit-plugin-vddk", "p-cpe:/a:centos:centos:nbdkit-plugin-xz", "p-cpe:/a:centos:centos:netcf", "p-cpe:/a:centos:centos:netcf-devel", "p-cpe:/a:centos:centos:netcf-libs", "p-cpe:/a:centos:centos:ocaml-hivex", "p-cpe:/a:centos:centos:ocaml-hivex-devel", "p-cpe:/a:centos:centos:ocaml-libguestfs", "p-cpe:/a:centos:centos:ocaml-libguestfs-devel", "p-cpe:/a:centos:centos:perl-Sys-Guestfs", "p-cpe:/a:centos:centos:perl-Sys-Virt", "p-cpe:/a:centos:centos:perl-hivex", "p-cpe:/a:centos:centos:python3-hivex", "p-cpe:/a:centos:centos:python3-libguestfs", "p-cpe:/a:centos:centos:python3-libvirt", "p-cpe:/a:centos:centos:ruby-hivex", "p-cpe:/a:centos:centos:ruby-libguestfs", "p-cpe:/a:centos:centos:seabios", "p-cpe:/a:centos:centos:seabios-bin", "p-cpe:/a:centos:centos:seavgabios-bin", "p-cpe:/a:centos:centos:sgabios", "p-cpe:/a:centos:centos:sgabios-bin", "p-cpe:/a:centos:centos:supermin", "p-cpe:/a:centos:centos:supermin-devel", "p-cpe:/a:centos:centos:virt-dib", "p-cpe:/a:centos:centos:virt-p2v-maker", "p-cpe:/a:centos:centos:virt-v2v"], "id": "CENTOS8_RHSA-2019-3345.NASL", "href": "https://www.tenable.com/plugins/nessus/145576", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2019:3345. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145576);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/23\");\n\n script_cve_id(\"CVE-2019-9755\", \"CVE-2019-9824\", \"CVE-2019-12155\");\n script_bugtraq_id(107468, 108429);\n script_xref(name:\"RHSA\", value:\"2019:3345\");\n\n script_name(english:\"CentOS 8 : virt:rhel (CESA-2019:3345)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2019:3345 advisory.\n\n - QEMU: qxl: null pointer dereference while releasing spice resources (CVE-2019-12155)\n\n - ntfs-3g: heap-based buffer overflow leads to local root privilege escalation (CVE-2019-9755)\n\n - QEMU: slirp: information leakage in tcp_emu() due to uninitialized stack variables (CVE-2019-9824)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:3345\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9755\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/01/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:SLOF\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-benchmarking\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-gfs2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-gobject-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-inspect-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-java-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-man-pages-ja\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-man-pages-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-rescue\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-rsync\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-tools-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-winsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-xfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libiscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libiscsi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libiscsi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-disk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-logical\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-mpath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-driver-storage-scsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-daemon-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libvirt-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:lua-guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-basic-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-example-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-plugin-gzip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-plugin-python-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-plugin-python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-plugin-vddk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:nbdkit-plugin-xz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:netcf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:netcf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:netcf-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ocaml-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ocaml-hivex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ocaml-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ocaml-libguestfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perl-Sys-Guestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perl-Sys-Virt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perl-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-hivex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-libguestfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:seavgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sgabios-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:supermin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:supermin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:virt-dib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:virt-p2v-maker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:virt-v2v\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nmodule_ver = get_kb_item('Host/RedHat/appstream/virt-devel');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt-devel:rhel');\nif ('rhel' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module virt-devel:' + module_ver);\n\nappstreams = {\n 'virt-devel:rhel': [\n {'reference':'hivex-1.3.15-7.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-1.3.15-7.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.15-7.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'hivex-devel-1.3.15-7.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-bash-completion-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-bash-completion-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-benchmarking-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-benchmarking-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-devel-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-devel-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gfs2-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gfs2-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gobject-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gobject-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gobject-devel-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-gobject-devel-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-inspect-icons-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-inspect-icons-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-java-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-java-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-java-devel-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-java-devel-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-javadoc-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-javadoc-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-man-pages-ja-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-man-pages-ja-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-man-pages-uk-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-man-pages-uk-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-rescue-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-rescue-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-rsync-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-rsync-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-tools-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-tools-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-tools-c-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-tools-c-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.0-4.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-winsupport-8.0-4.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-xfs-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libguestfs-xfs-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-1.18.0-8.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-admin-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-bash-completion-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-client-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-network-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-config-nwfilter-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-interface-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-network-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nodedev-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-nwfilter-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-qemu-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-secret-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-core-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-disk-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-gluster-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-iscsi-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-logical-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-mpath-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-rbd-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-driver-storage-scsi-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-daemon-kvm-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.2.0-3.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-dbus-1.2.0-3.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-devel-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-docs-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-libs-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-lock-sanlock-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-4.5.0-35.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libvirt-nss-4.5.0-35.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lua-guestfs-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-1.4.2-5.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-1.4.2-5.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.4.2-5.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-bash-completion-1.4.2-5.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.4.2-5.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-basic-plugins-1.4.2-5.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.4.2-5.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-devel-1.4.2-5.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.4.2-5.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-example-plugins-1.4.2-5.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-plugin-gzip-1.4.2-5.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-plugin-gzip-1.4.2-5.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-plugin-python-common-1.4.2-5.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-plugin-python-common-1.4.2-5.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-plugin-python3-1.4.2-5.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-plugin-python3-1.4.2-5.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-plugin-vddk-1.4.2-5.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-plugin-vddk-1.4.2-5.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-plugin-xz-1.4.2-5.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nbdkit-plugin-xz-1.4.2-5.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.15-7.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-1.3.15-7.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.15-7.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-hivex-devel-1.3.15-7.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-devel-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ocaml-libguestfs-devel-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.15-7.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-hivex-1.3.15-7.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Guestfs-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-4.5.0-5.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perl-Sys-Virt-4.5.0-5.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.15-7.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-hivex-1.3.15-7.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libguestfs-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libguestfs-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-4.5.0-2.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libvirt-4.5.0-2.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-hivex-1.3.15-7.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-hivex-1.3.15-7.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-libguestfs-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-libguestfs-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-1.11.1-4.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-1.11.1-4.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-bin-1.11.1-4.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seabios-bin-1.11.1-4.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seavgabios-bin-1.11.1-4.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'seavgabios-bin-1.11.1-4.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-0.20170427git-3.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-bin-0.20170427git-3.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'sgabios-bin-0.20170427git-3.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'SLOF-20171214-6.gitfa98132.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'SLOF-20171214-6.gitfa98132.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-5.1.19-9.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-5.1.19-9.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.1.19-9.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'supermin-devel-5.1.19-9.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-dib-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-p2v-maker-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-p2v-maker-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-v2v-1.38.4-14.module_el8.1.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'virt-v2v-1.38.4-14.module_el8.1.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nflag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n appstream = NULL;\n appstream_name = NULL;\n appstream_version = NULL;\n appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt-devel:rhel');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'SLOF / hivex / hivex-devel / libguestfs / libguestfs-bash-completion / etc');\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-15T20:31:03", "description": "The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2019:3345 advisory.\n\n - An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow, resulting in a crash or the ability to execute arbitrary code. In installations where /bin/ntfs-3g is a setuid-root binary, this could lead to a local escalation of privileges. (CVE-2019-9755)\n\n - tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure. (CVE-2019-9824)\n\n - interface_release_resource in hw/display/qxl.c in QEMU 3.1.x through 4.0.0 has a NULL pointer dereference.\n (CVE-2019-12155)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-02-09T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : virt:rhel (ALSA-2019:3345)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12155", "CVE-2019-9755", "CVE-2019-9824"], "modified": "2022-02-14T00:00:00", "cpe": ["p-cpe:/a:alma:linux:libiscsi", "p-cpe:/a:alma:linux:libiscsi-devel", "p-cpe:/a:alma:linux:libiscsi-utils", "p-cpe:/a:alma:linux:netcf", "p-cpe:/a:alma:linux:netcf-devel", "p-cpe:/a:alma:linux:netcf-libs", "p-cpe:/a:alma:linux:sgabios", "cpe:/o:alma:linux:8"], "id": "ALMA_LINUX_ALSA-2019-3345.NASL", "href": "https://www.tenable.com/plugins/nessus/157624", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2019:3345.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157624);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/14\");\n\n script_cve_id(\"CVE-2019-9755\", \"CVE-2019-9824\", \"CVE-2019-12155\");\n script_xref(name:\"ALSA\", value:\"2019:3345\");\n\n script_name(english:\"AlmaLinux 8 : virt:rhel (ALSA-2019:3345)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2019:3345 advisory.\n\n - An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by\n running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap\n buffer overflow, resulting in a crash or the ability to execute arbitrary code. In installations where\n /bin/ntfs-3g is a setuid-root binary, this could lead to a local escalation of privileges. (CVE-2019-9755)\n\n - tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an\n snprintf call, leading to Information disclosure. (CVE-2019-9824)\n\n - interface_release_resource in hw/display/qxl.c in QEMU 3.1.x through 4.0.0 has a NULL pointer dereference.\n (CVE-2019-12155)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2019-3345.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9755\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libiscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libiscsi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libiscsi-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:netcf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:netcf-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:netcf-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(release) || 'AlmaLinux' >!< release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar module_ver = get_kb_item('Host/AlmaLinux/appstream/virt-devel');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt-devel:rhel');\nif ('rhel' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module virt-devel:' + module_ver);\n\nvar appstreams = {\n 'virt-devel:rhel': [\n {'reference':'libiscsi-1.18.0-8.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-devel-1.18.0-8.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libiscsi-utils-1.18.0-8.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-0.2.8-12.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-devel-0.2.8-12.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'netcf-libs-0.2.8-12.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sgabios-0.20170427git-3.module_el8.3.0+2048+e7a0a3ea', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n};\n\nvar flag = 0;\nvar appstreams_found = 0;\nforeach module (keys(appstreams)) {\n var appstream = NULL;\n var appstream_name = NULL;\n var appstream_version = NULL;\n var appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/AlmaLinux/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module virt-devel:rhel');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libiscsi / libiscsi-devel / libiscsi-utils / netcf / netcf-devel / etc');\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-20T01:10:59", "description": "According to the versions of the qemu-kvm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure.(CVE-2019-9824)\n\n - interface_release_resource in hw/display/qxl.c in QEMU 4.0.0 has a NULL pointer dereference.(CVE-2019-12155)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-11-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : qemu-kvm (EulerOS-SA-2019-2255)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12155", "CVE-2019-9824"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:qemu-img", "p-cpe:/a:huawei:euleros:qemu-kvm", "p-cpe:/a:huawei:euleros:qemu-kvm-common", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2255.NASL", "href": "https://www.tenable.com/plugins/nessus/130717", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130717);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-12155\",\n \"CVE-2019-9824\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : qemu-kvm (EulerOS-SA-2019-2255)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the qemu-kvm packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c)\n in QEMU 3.0.0 uses uninitialized data in an snprintf\n call, leading to Information disclosure.(CVE-2019-9824)\n\n - interface_release_resource in hw/display/qxl.c in QEMU\n 4.0.0 has a NULL pointer dereference.(CVE-2019-12155)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2255\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ca579531\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected qemu-kvm packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9824\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:qemu-kvm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"qemu-img-1.5.3-156.5.h4\",\n \"qemu-kvm-1.5.3-156.5.h4\",\n \"qemu-kvm-common-1.5.3-156.5.h4\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu-kvm\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:21:21", "description": "- CVE-2019-12155: qxl: NULL pointer dereference while releasing spice resources (bz #1712727, bz #1712670)\n\n - CVE-2019-5008: NULL pointer dereference in hw/sparc64/sun4u.c leading to DoS (bz #1705916, bz #1705915)\n\n - CVE-2018-20815: device_tree: heap buffer overflow while loading device tree blob (bz #1693117, bz #1693101)\n\n - CVE-2019-9824: Slirp: information leakage in tcp_emu() due to uninitialized stack variables (bz #1689794, bz #1678515)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-07-09T00:00:00", "type": "nessus", "title": "Fedora 30 : 2:qemu (2019-52a8f5468e)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20815", "CVE-2019-12155", "CVE-2019-5008", "CVE-2019-9824"], "modified": "2020-01-08T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:2:qemu", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-52A8F5468E.NASL", "href": "https://www.tenable.com/plugins/nessus/126530", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-52a8f5468e.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126530);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/08\");\n\n script_cve_id(\"CVE-2018-20815\", \"CVE-2019-12155\", \"CVE-2019-5008\", \"CVE-2019-9824\");\n script_xref(name:\"FEDORA\", value:\"2019-52a8f5468e\");\n\n script_name(english:\"Fedora 30 : 2:qemu (2019-52a8f5468e)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - CVE-2019-12155: qxl: NULL pointer dereference while\n releasing spice resources (bz #1712727, bz #1712670)\n\n - CVE-2019-5008: NULL pointer dereference in\n hw/sparc64/sun4u.c leading to DoS (bz #1705916, bz\n #1705915)\n\n - CVE-2018-20815: device_tree: heap buffer overflow while\n loading device tree blob (bz #1693117, bz #1693101)\n\n - CVE-2019-9824: Slirp: information leakage in tcp_emu()\n due to uninitialized stack variables (bz #1689794, bz\n #1678515)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-52a8f5468e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 2:qemu package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:2:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"qemu-3.1.0-9.fc30\", epoch:\"2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"2:qemu\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:21:20", "description": "A heap buffer overflow issue was found in the load_device_tree() function of QEMU, which is invoked to load a device tree blob at boot time. It occurs due to device tree size manipulation before buffer allocation, which could overflow a signed int type. A user/process could use this flaw to potentially execute arbitrary code on a host system with privileges of the QEMU process. (CVE-2018-20815)\n\nhw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dereference, which allows the attacker to cause a denial of service via a device driver. (CVE-2019-5008)\n\nSlirp: information leakage in tcp_emu() due to uninitialized stack variables (CVE-2019-9824)\n\nqxl: NULL pointer dereference while releasing spice resources (CVE-2019-12155)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-07-24T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : qemu (ALAS-2019-1248)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20815", "CVE-2019-12155", "CVE-2019-5008", "CVE-2019-9824"], "modified": "2020-01-06T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:ivshmem-tools", "p-cpe:/a:amazon:linux:qemu", "p-cpe:/a:amazon:linux:qemu-audio-alsa", "p-cpe:/a:amazon:linux:qemu-audio-oss", "p-cpe:/a:amazon:linux:qemu-audio-pa", "p-cpe:/a:amazon:linux:qemu-audio-sdl", "p-cpe:/a:amazon:linux:qemu-block-curl", "p-cpe:/a:amazon:linux:qemu-block-dmg", "p-cpe:/a:amazon:linux:qemu-block-iscsi", "p-cpe:/a:amazon:linux:qemu-block-nfs", "p-cpe:/a:amazon:linux:qemu-block-rbd", "p-cpe:/a:amazon:linux:qemu-block-ssh", "p-cpe:/a:amazon:linux:qemu-common", "p-cpe:/a:amazon:linux:qemu-debuginfo", "p-cpe:/a:amazon:linux:qemu-guest-agent", "p-cpe:/a:amazon:linux:qemu-img", "p-cpe:/a:amazon:linux:qemu-kvm", "p-cpe:/a:amazon:linux:qemu-kvm-core", "p-cpe:/a:amazon:linux:qemu-system-aarch64", "p-cpe:/a:amazon:linux:qemu-system-aarch64-core", "p-cpe:/a:amazon:linux:qemu-system-x86", "p-cpe:/a:amazon:linux:qemu-system-x86-core", "p-cpe:/a:amazon:linux:qemu-ui-curses", "p-cpe:/a:amazon:linux:qemu-ui-gtk", "p-cpe:/a:amazon:linux:qemu-ui-sdl", "p-cpe:/a:amazon:linux:qemu-user", "p-cpe:/a:amazon:linux:qemu-user-binfmt", "p-cpe:/a:amazon:linux:qemu-user-static", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2019-1248.NASL", "href": "https://www.tenable.com/plugins/nessus/126960", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2019-1248.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126960);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2018-20815\", \"CVE-2019-12155\", \"CVE-2019-5008\", \"CVE-2019-9824\");\n script_xref(name:\"ALAS\", value:\"2019-1248\");\n\n script_name(english:\"Amazon Linux 2 : qemu (ALAS-2019-1248)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A heap buffer overflow issue was found in the load_device_tree()\nfunction of QEMU, which is invoked to load a device tree blob at boot\ntime. It occurs due to device tree size manipulation before buffer\nallocation, which could overflow a signed int type. A user/process\ncould use this flaw to potentially execute arbitrary code on a host\nsystem with privileges of the QEMU process. (CVE-2018-20815)\n\nhw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer\ndereference, which allows the attacker to cause a denial of service\nvia a device driver. (CVE-2019-5008)\n\nSlirp: information leakage in tcp_emu() due to uninitialized stack\nvariables (CVE-2019-9824)\n\nqxl: NULL pointer dereference while releasing spice resources\n(CVE-2019-12155)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2019-1248.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update qemu' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ivshmem-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-audio-alsa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-audio-oss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-audio-pa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-audio-sdl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-block-dmg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-block-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-block-nfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-block-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-kvm-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-system-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-system-aarch64-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-system-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-system-x86-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-ui-curses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-ui-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-ui-sdl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-user\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-user-binfmt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-user-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"ivshmem-tools-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-audio-alsa-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-audio-oss-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-audio-pa-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-audio-sdl-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-block-curl-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-block-dmg-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-block-iscsi-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-block-nfs-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"qemu-block-rbd-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-block-ssh-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-common-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-debuginfo-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-guest-agent-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-img-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-kvm-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-kvm-core-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-system-aarch64-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-system-aarch64-core-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-system-x86-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-system-x86-core-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-ui-curses-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-ui-gtk-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-ui-sdl-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-user-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-user-binfmt-3.1.0-7.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-user-static-3.1.0-7.amzn2.0.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ivshmem-tools / qemu / qemu-audio-alsa / qemu-audio-oss / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-20T01:25:43", "description": "From Red Hat Security Advisory 2019:2607 :\n\nAn update for qemu-kvm is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section.\n\nKernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.\n\nSecurity Fix(es) :\n\n* QEMU: qxl: NULL pointer dereference while releasing spice resources (CVE-2019-12155)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-09-05T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : qemu-kvm (ELSA-2019-2607)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12155"], "modified": "2019-12-31T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:qemu-img", "p-cpe:/a:oracle:linux:qemu-kvm", "p-cpe:/a:oracle:linux:qemu-kvm-common", "p-cpe:/a:oracle:linux:qemu-kvm-tools", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2019-2607.NASL", "href": "https://www.tenable.com/plugins/nessus/128514", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:2607 and \n# Oracle Linux Security Advisory ELSA-2019-2607 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128514);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/31\");\n\n script_cve_id(\"CVE-2019-12155\");\n script_xref(name:\"RHSA\", value:\"2019:2607\");\n\n script_name(english:\"Oracle Linux 7 : qemu-kvm (ELSA-2019-2607)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2019:2607 :\n\nAn update for qemu-kvm is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Low. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link (s) in the References section.\n\nKernel-based Virtual Machine (KVM) is a full virtualization solution\nfor Linux on a variety of architectures. The qemu-kvm packages provide\nthe user-space component for running virtual machines that use KVM.\n\nSecurity Fix(es) :\n\n* QEMU: qxl: NULL pointer dereference while releasing spice resources\n(CVE-2019-12155)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2019-September/009116.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected qemu-kvm packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"qemu-img-1.5.3-167.el7_7.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"qemu-kvm-1.5.3-167.el7_7.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"qemu-kvm-common-1.5.3-167.el7_7.1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"qemu-kvm-tools-1.5.3-167.el7_7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu-img / qemu-kvm / qemu-kvm-common / qemu-kvm-tools\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-20T01:29:25", "description": "An update for qemu-kvm is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section.\n\nKernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.\n\nSecurity Fix(es) :\n\n* QEMU: qxl: NULL pointer dereference while releasing spice resources (CVE-2019-12155)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-09-04T00:00:00", "type": "nessus", "title": "RHEL 7 : qemu-kvm (RHSA-2019:2607)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12155"], "modified": "2019-12-31T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:qemu-img", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tools", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.7"], "id": "REDHAT-RHSA-2019-2607.NASL", "href": "https://www.tenable.com/plugins/nessus/128497", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2607. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128497);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/12/31\");\n\n script_cve_id(\"CVE-2019-12155\");\n script_xref(name:\"RHSA\", value:\"2019:2607\");\n\n script_name(english:\"RHEL 7 : qemu-kvm (RHSA-2019:2607)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for qemu-kvm is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Low. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link (s) in the References section.\n\nKernel-based Virtual Machine (KVM) is a full virtualization solution\nfor Linux on a variety of architectures. The qemu-kvm packages provide\nthe user-space component for running virtual machines that use KVM.\n\nSecurity Fix(es) :\n\n* QEMU: qxl: NULL pointer dereference while releasing spice resources\n(CVE-2019-12155)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:2607\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-12155\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2607\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qemu-img-1.5.3-167.el7_7.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qemu-kvm-1.5.3-167.el7_7.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qemu-kvm-common-1.5.3-167.el7_7.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qemu-kvm-debuginfo-1.5.3-167.el7_7.1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qemu-kvm-tools-1.5.3-167.el7_7.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu-img / qemu-kvm / qemu-kvm-common / qemu-kvm-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-20T01:26:42", "description": "An update for qemu-kvm is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section.\n\nKernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.\n\nSecurity Fix(es) :\n\n* QEMU: qxl: NULL pointer dereference while releasing spice resources (CVE-2019-12155)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-09-19T00:00:00", "type": "nessus", "title": "CentOS 7 : qemu-kvm (CESA-2019:2607)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12155"], "modified": "2019-12-31T00:00:00", "cpe": ["p-cpe:/a:centos:centos:qemu-img", "p-cpe:/a:centos:centos:qemu-kvm", "p-cpe:/a:centos:centos:qemu-kvm-common", "p-cpe:/a:centos:centos:qemu-kvm-tools", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2019-2607.NASL", "href": "https://www.tenable.com/plugins/nessus/129022", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2607 and \n# CentOS Errata and Security Advisory 2019:2607 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129022);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/12/31\");\n\n script_cve_id(\"CVE-2019-12155\");\n script_xref(name:\"RHSA\", value:\"2019:2607\");\n\n script_name(english:\"CentOS 7 : qemu-kvm (CESA-2019:2607)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for qemu-kvm is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Low. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link (s) in the References section.\n\nKernel-based Virtual Machine (KVM) is a full virtualization solution\nfor Linux on a variety of architectures. The qemu-kvm packages provide\nthe user-space component for running virtual machines that use KVM.\n\nSecurity Fix(es) :\n\n* QEMU: qxl: NULL pointer dereference while releasing spice resources\n(CVE-2019-12155)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2019-September/023428.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a13d8457\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected qemu-kvm packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-12155\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qemu-kvm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qemu-kvm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qemu-img-1.5.3-167.el7_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qemu-kvm-1.5.3-167.el7_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qemu-kvm-common-1.5.3-167.el7_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qemu-kvm-tools-1.5.3-167.el7_7.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu-img / qemu-kvm / qemu-kvm-common / qemu-kvm-tools\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-20T01:30:36", "description": "Security Fix(es): \n\n - QEMU: qxl: NULL pointer dereference while releasing spice resources (CVE-2019-12155) -- ", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-09-04T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : qemu-kvm on SL7.x x86_64 (20190903)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12155"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:qemu-img", "p-cpe:/a:fermilab:scientific_linux:qemu-kvm", "p-cpe:/a:fermilab:scientific_linux:qemu-kvm-common", "p-cpe:/a:fermilab:scientific_linux:qemu-kvm-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qemu-kvm-tools", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20190903_QEMU_KVM_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/128502", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128502);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2019-12155\");\n\n script_name(english:\"Scientific Linux Security Update : qemu-kvm on SL7.x x86_64 (20190903)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es): \n\n - QEMU: qxl: NULL pointer dereference while releasing\n spice resources (CVE-2019-12155) -- \"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1909&L=SCIENTIFIC-LINUX-ERRATA&P=9428\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e6c39b3d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qemu-kvm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qemu-kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qemu-kvm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qemu-img-1.5.3-167.el7_7.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qemu-kvm-1.5.3-167.el7_7.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qemu-kvm-common-1.5.3-167.el7_7.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qemu-kvm-debuginfo-1.5.3-167.el7_7.1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qemu-kvm-tools-1.5.3-167.el7_7.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu-img / qemu-kvm / qemu-kvm-common / qemu-kvm-debuginfo / etc\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:08:40", "description": "An update for qemu-kvm is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section.\n\nKernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.\n\nSecurity Fix(es) :\n\n* QEMU: Slirp: information leakage in tcp_emu() due to uninitialized stack variables (CVE-2019-9824)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nNote that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2020-12-22T00:00:00", "type": "nessus", "title": "Virtuozzo 6 : qemu-guest-agent / qemu-img / qemu-kvm / etc (VZLSA-2019-1650)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9824"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:qemu-guest-agent", "p-cpe:/a:virtuozzo:virtuozzo:qemu-img", "p-cpe:/a:virtuozzo:virtuozzo:qemu-kvm", "p-cpe:/a:virtuozzo:virtuozzo:qemu-kvm-tools", "cpe:/o:virtuozzo:virtuozzo:6"], "id": "VIRTUOZZO_VZLSA-2019-1650.NASL", "href": "https://www.tenable.com/plugins/nessus/144528", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144528);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\n \"CVE-2019-9824\"\n );\n\n script_name(english:\"Virtuozzo 6 : qemu-guest-agent / qemu-img / qemu-kvm / etc (VZLSA-2019-1650)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for qemu-kvm is now available for Red Hat Enterprise Linux\n6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Low. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link (s) in the References section.\n\nKernel-based Virtual Machine (KVM) is a full virtualization solution\nfor Linux on a variety of architectures. The qemu-kvm packages provide\nthe user-space component for running virtual machines that use KVM.\n\nSecurity Fix(es) :\n\n* QEMU: Slirp: information leakage in tcp_emu() due to uninitialized\nstack variables (CVE-2019-9824)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nNote that Tenable Network Security has attempted to extract the\npreceding description block directly from the corresponding Red Hat\nsecurity advisory. Virtuozzo provides no description for VZLSA\nadvisories. Tenable has attempted to automatically clean and format\nit as much as possible without introducing additional issues.\");\n # http://repo.virtuozzo.com/vzlinux/announcements/json/VZLSA-2019-1650.json\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fdca61fa\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2019:1650\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected qemu-guest-agent / qemu-img / qemu-kvm / etc package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:qemu-kvm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 6.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nflag = 0;\n\npkgs = [\"qemu-guest-agent-0.12.1.2-2.506.vl6.4\",\n \"qemu-img-0.12.1.2-2.506.vl6.4\",\n \"qemu-kvm-0.12.1.2-2.506.vl6.4\",\n \"qemu-kvm-tools-0.12.1.2-2.506.vl6.4\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"Virtuozzo-6\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu-guest-agent / qemu-img / qemu-kvm / etc\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-16T12:45:48", "description": "From Red Hat Security Advisory 2019:1650 :\n\nAn update for qemu-kvm is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section.\n\nKernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.\n\nSecurity Fix(es) :\n\n* QEMU: Slirp: information leakage in tcp_emu() due to uninitialized stack variables (CVE-2019-9824)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-07-03T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : qemu-kvm (ELSA-2019-1650)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9824"], "modified": "2020-01-08T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:qemu-guest-agent", "p-cpe:/a:oracle:linux:qemu-img", "p-cpe:/a:oracle:linux:qemu-kvm", "p-cpe:/a:oracle:linux:qemu-kvm-tools", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2019-1650.NASL", "href": "https://www.tenable.com/plugins/nessus/126450", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:1650 and \n# Oracle Linux Security Advisory ELSA-2019-1650 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126450);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/08\");\n\n script_cve_id(\"CVE-2019-9824\");\n script_xref(name:\"RHSA\", value:\"2019:1650\");\n\n script_name(english:\"Oracle Linux 6 : qemu-kvm (ELSA-2019-1650)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2019:1650 :\n\nAn update for qemu-kvm is now available for Red Hat Enterprise Linux\n6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Low. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link (s) in the References section.\n\nKernel-based Virtual Machine (KVM) is a full virtualization solution\nfor Linux on a variety of architectures. The qemu-kvm packages provide\nthe user-space component for running virtual machines that use KVM.\n\nSecurity Fix(es) :\n\n* QEMU: Slirp: information leakage in tcp_emu() due to uninitialized\nstack variables (CVE-2019-9824)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2019-July/008873.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected qemu-kvm packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:qemu-kvm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"qemu-guest-agent-0.12.1.2-2.506.el6_10.4\")) flag++;\nif (rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"qemu-img-0.12.1.2-2.506.el6_10.4\")) flag++;\nif (rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"qemu-kvm-0.12.1.2-2.506.el6_10.4\")) flag++;\nif (rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"qemu-kvm-tools-0.12.1.2-2.506.el6_10.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu-guest-agent / qemu-img / qemu-kvm / qemu-kvm-tools\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:21:56", "description": "An update for qemu-kvm is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section.\n\nKernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.\n\nSecurity Fix(es) :\n\n* QEMU: Slirp: information leakage in tcp_emu() due to uninitialized stack variables (CVE-2019-9824)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-07-03T00:00:00", "type": "nessus", "title": "RHEL 6 : qemu-kvm (RHSA-2019:1650)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9824"], "modified": "2020-01-08T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:qemu-guest-agent", "p-cpe:/a:redhat:enterprise_linux:qemu-img", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tools", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2019-1650.NASL", "href": "https://www.tenable.com/plugins/nessus/126452", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:1650. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126452);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/01/08\");\n\n script_cve_id(\"CVE-2019-9824\");\n script_xref(name:\"RHSA\", value:\"2019:1650\");\n\n script_name(english:\"RHEL 6 : qemu-kvm (RHSA-2019:1650)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for qemu-kvm is now available for Red Hat Enterprise Linux\n6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Low. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link (s) in the References section.\n\nKernel-based Virtual Machine (KVM) is a full virtualization solution\nfor Linux on a variety of architectures. The qemu-kvm packages provide\nthe user-space component for running virtual machines that use KVM.\n\nSecurity Fix(es) :\n\n* QEMU: Slirp: information leakage in tcp_emu() due to uninitialized\nstack variables (CVE-2019-9824)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:1650\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9824\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:1650\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"qemu-guest-agent-0.12.1.2-2.506.el6_10.4\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"qemu-guest-agent-0.12.1.2-2.506.el6_10.4\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"qemu-img-0.12.1.2-2.506.el6_10.4\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"qemu-kvm-0.12.1.2-2.506.el6_10.4\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.4\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.4\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"qemu-kvm-tools-0.12.1.2-2.506.el6_10.4\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu-guest-agent / qemu-img / qemu-kvm / qemu-kvm-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:20:32", "description": "An update for qemu-kvm is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section.\n\nKernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.\n\nSecurity Fix(es) :\n\n* QEMU: Slirp: information leakage in tcp_emu() due to uninitialized stack variables (CVE-2019-9824)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "RHEL 7 : qemu-kvm (RHSA-2019:2078)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9824"], "modified": "2020-01-06T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:qemu-img", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tools", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-2078.NASL", "href": "https://www.tenable.com/plugins/nessus/127667", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2078. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127667);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2019-9824\");\n script_xref(name:\"RHSA\", value:\"2019:2078\");\n\n script_name(english:\"RHEL 7 : qemu-kvm (RHSA-2019:2078)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for qemu-kvm is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Low. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link (s) in the References section.\n\nKernel-based Virtual Machine (KVM) is a full virtualization solution\nfor Linux on a variety of architectures. The qemu-kvm packages provide\nthe user-space component for running virtual machines that use KVM.\n\nSecurity Fix(es) :\n\n* QEMU: Slirp: information leakage in tcp_emu() due to uninitialized\nstack variables (CVE-2019-9824)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.7 Release Notes linked from the References section.\"\n );\n # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3395ff0b\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:2078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9824\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2078\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qemu-img-1.5.3-167.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qemu-kvm-1.5.3-167.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qemu-kvm-common-1.5.3-167.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qemu-kvm-debuginfo-1.5.3-167.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qemu-kvm-tools-1.5.3-167.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu-img / qemu-kvm / qemu-kvm-common / qemu-kvm-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-16T00:28:28", "description": "An update for qemu-kvm is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section.\n\nKernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.\n\nSecurity Fix(es) :\n\n* QEMU: Slirp: information leakage in tcp_emu() due to uninitialized stack variables (CVE-2019-9824)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-07-05T00:00:00", "type": "nessus", "title": "CentOS 6 : qemu-kvm (CESA-2019:1650)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9824"], "modified": "2020-01-08T00:00:00", "cpe": ["p-cpe:/a:centos:centos:qemu-guest-agent", "p-cpe:/a:centos:centos:qemu-img", "p-cpe:/a:centos:centos:qemu-kvm", "p-cpe:/a:centos:centos:qemu-kvm-tools", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2019-1650.NASL", "href": "https://www.tenable.com/plugins/nessus/126479", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:1650 and \n# CentOS Errata and Security Advisory 2019:1650 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126479);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/01/08\");\n\n script_cve_id(\"CVE-2019-9824\");\n script_xref(name:\"RHSA\", value:\"2019:1650\");\n\n script_name(english:\"CentOS 6 : qemu-kvm (CESA-2019:1650)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for qemu-kvm is now available for Red Hat Enterprise Linux\n6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Low. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link (s) in the References section.\n\nKernel-based Virtual Machine (KVM) is a full virtualization solution\nfor Linux on a variety of architectures. The qemu-kvm packages provide\nthe user-space component for running virtual machines that use KVM.\n\nSecurity Fix(es) :\n\n* QEMU: Slirp: information leakage in tcp_emu() due to uninitialized\nstack variables (CVE-2019-9824)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2019-July/023350.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fd4fdc0a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected qemu-kvm packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9824\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qemu-kvm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"qemu-guest-agent-0.12.1.2-2.506.el6_10.4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", cpu:\"x86_64\", reference:\"qemu-img-0.12.1.2-2.506.el6_10.4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", cpu:\"x86_64\", reference:\"qemu-kvm-0.12.1.2-2.506.el6_10.4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", cpu:\"x86_64\", reference:\"qemu-kvm-tools-0.12.1.2-2.506.el6_10.4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu-guest-agent / qemu-img / qemu-kvm / qemu-kvm-tools\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:20:23", "description": "An update for qemu-kvm is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section.\n\nKernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.\n\nSecurity Fix(es) :\n\n* QEMU: Slirp: information leakage in tcp_emu() due to uninitialized stack variables (CVE-2019-9824)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-08-30T00:00:00", "type": "nessus", "title": "CentOS 7 : qemu-kvm (CESA-2019:2078)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9824"], "modified": "2019-12-31T00:00:00", "cpe": ["p-cpe:/a:centos:centos:qemu-img", "p-cpe:/a:centos:centos:qemu-kvm", "p-cpe:/a:centos:centos:qemu-kvm-common", "p-cpe:/a:centos:centos:qemu-kvm-tools", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2019-2078.NASL", "href": "https://www.tenable.com/plugins/nessus/128348", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2078 and \n# CentOS Errata and Security Advisory 2019:2078 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128348);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/31\");\n\n script_cve_id(\"CVE-2019-9824\");\n script_xref(name:\"RHSA\", value:\"2019:2078\");\n\n script_name(english:\"CentOS 7 : qemu-kvm (CESA-2019:2078)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for qemu-kvm is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Low. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link (s) in the References section.\n\nKernel-based Virtual Machine (KVM) is a full virtualization solution\nfor Linux on a variety of architectures. The qemu-kvm packages provide\nthe user-space component for running virtual machines that use KVM.\n\nSecurity Fix(es) :\n\n* QEMU: Slirp: information leakage in tcp_emu() due to uninitialized\nstack variables (CVE-2019-9824)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.7 Release Notes linked from the References section.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/006079.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8df36a66\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected qemu-kvm packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9824\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qemu-kvm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:qemu-kvm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qemu-img-1.5.3-167.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qemu-kvm-1.5.3-167.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qemu-kvm-common-1.5.3-167.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"qemu-kvm-tools-1.5.3-167.el7\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu-img / qemu-kvm / qemu-kvm-common / qemu-kvm-tools\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:20:56", "description": "The remote NewStart CGSL host, running version MAIN 4.05, has qemu-kvm packages installed that are affected by a vulnerability:\n\n - tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure. (CVE-2019-9824)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "NewStart CGSL MAIN 4.05 : qemu-kvm Vulnerability (NS-SA-2019-0168)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9824"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0168_QEMU-KVM.NASL", "href": "https://www.tenable.com/plugins/nessus/127457", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0168. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127457);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2019-9824\");\n\n script_name(english:\"NewStart CGSL MAIN 4.05 : qemu-kvm Vulnerability (NS-SA-2019-0168)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 4.05, has qemu-kvm packages installed that are affected by a\nvulnerability:\n\n - tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c)\n in QEMU 3.0.0 uses uninitialized data in an snprintf\n call, leading to Information disclosure. (CVE-2019-9824)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0168\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL qemu-kvm packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9824\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL MAIN 4.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 4.05');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL MAIN 4.05\": [\n \"qemu-guest-agent-0.12.1.2-2.506.el6_10.4\",\n \"qemu-img-0.12.1.2-2.506.el6_10.4\",\n \"qemu-kvm-0.12.1.2-2.506.el6_10.4\",\n \"qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.4\",\n \"qemu-kvm-tools-0.12.1.2-2.506.el6_10.4\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu-kvm\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:19:41", "description": "The remote NewStart CGSL host, running version MAIN 4.06, has qemu-kvm packages installed that are affected by a vulnerability:\n\n - tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure. (CVE-2019-9824)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-09-11T00:00:00", "type": "nessus", "title": "NewStart CGSL MAIN 4.06 : qemu-kvm Vulnerability (NS-SA-2019-0176)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9824"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0176_QEMU-KVM.NASL", "href": "https://www.tenable.com/plugins/nessus/128688", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0176. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128688);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2019-9824\");\n\n script_name(english:\"NewStart CGSL MAIN 4.06 : qemu-kvm Vulnerability (NS-SA-2019-0176)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 4.06, has qemu-kvm packages installed that are affected by a\nvulnerability:\n\n - tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c)\n in QEMU 3.0.0 uses uninitialized data in an snprintf\n call, leading to Information disclosure. (CVE-2019-9824)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0176\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL qemu-kvm packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9824\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL MAIN 4.06\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 4.06');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL MAIN 4.06\": [\n \"qemu-guest-agent-0.12.1.2-2.506.el6_10.4\",\n \"qemu-img-0.12.1.2-2.506.el6_10.4\",\n \"qemu-kvm-0.12.1.2-2.506.el6_10.4\",\n \"qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.4\",\n \"qemu-kvm-tools-0.12.1.2-2.506.el6_10.4\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu-kvm\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:22:09", "description": "Security Fix(es) :\n\n - QEMU: Slirp: information leakage in tcp_emu() due to uninitialized stack variables (CVE-2019-9824)", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-07-03T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : qemu-kvm on SL6.x i386/x86_64 (20190702)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9824"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:qemu-guest-agent", "p-cpe:/a:fermilab:scientific_linux:qemu-img", "p-cpe:/a:fermilab:scientific_linux:qemu-kvm", "p-cpe:/a:fermilab:scientific_linux:qemu-kvm-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qemu-kvm-tools", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20190702_QEMU_KVM_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/126455", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126455);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2019-9824\");\n\n script_name(english:\"Scientific Linux Security Update : qemu-kvm on SL6.x i386/x86_64 (20190702)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - QEMU: Slirp: information leakage in tcp_emu() due to\n uninitialized stack variables (CVE-2019-9824)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1907&L=SCIENTIFIC-LINUX-ERRATA&P=1460\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?535db128\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qemu-kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qemu-kvm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"qemu-guest-agent-0.12.1.2-2.506.el6_10.4\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"x86_64\", reference:\"qemu-img-0.12.1.2-2.506.el6_10.4\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"x86_64\", reference:\"qemu-kvm-0.12.1.2-2.506.el6_10.4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.4\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"x86_64\", reference:\"qemu-kvm-tools-0.12.1.2-2.506.el6_10.4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu-guest-agent / qemu-img / qemu-kvm / qemu-kvm-debuginfo / etc\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:21:08", "description": "Security Fix(es) :\n\n - QEMU: Slirp: information leakage in tcp_emu() due to uninitialized stack variables (CVE-2019-9824)", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-08-27T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : qemu-kvm on SL7.x x86_64 (20190806)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9824"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:qemu-img", "p-cpe:/a:fermilab:scientific_linux:qemu-kvm", "p-cpe:/a:fermilab:scientific_linux:qemu-kvm-common", "p-cpe:/a:fermilab:scientific_linux:qemu-kvm-debuginfo", "p-cpe:/a:fermilab:scientific_linux:qemu-kvm-tools", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20190806_QEMU_KVM_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/128257", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128257);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2019-9824\");\n\n script_name(english:\"Scientific Linux Security Update : qemu-kvm on SL7.x x86_64 (20190806)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - QEMU: Slirp: information leakage in tcp_emu() due to\n uninitialized stack variables (CVE-2019-9824)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1908&L=SCIENTIFIC-LINUX-ERRATA&P=16470\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?593942f8\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qemu-kvm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qemu-kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:qemu-kvm-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qemu-img-1.5.3-167.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qemu-kvm-1.5.3-167.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qemu-kvm-common-1.5.3-167.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qemu-kvm-debuginfo-1.5.3-167.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"qemu-kvm-tools-1.5.3-167.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu-img / qemu-kvm / qemu-kvm-common / qemu-kvm-debuginfo / etc\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:50:59", "description": "An update for libguestfs-winsupport is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section.\n\nThe libguestfs-winsupport package adds support for Windows guests to libguestfs, a set of tools and libraries allowing users to access and modify virtual machine (VM) disk images.\n\nSecurity Fix(es) :\n\n* ntfs-3g: heap-based buffer overflow leads to local root privilege escalation (CVE-2019-9755)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.", "cvss3": {"score": 7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-30T00:00:00", "type": "nessus", "title": "CentOS 7 : libguestfs-winsupport (CESA-2019:2308)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9755"], "modified": "2019-12-31T00:00:00", "cpe": ["p-cpe:/a:centos:centos:libguestfs-winsupport", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2019-2308.NASL", "href": "https://www.tenable.com/plugins/nessus/128389", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2308 and \n# CentOS Errata and Security Advisory 2019:2308 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128389);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/31\");\n\n script_cve_id(\"CVE-2019-9755\");\n script_xref(name:\"RHSA\", value:\"2019:2308\");\n\n script_name(english:\"CentOS 7 : libguestfs-winsupport (CESA-2019:2308)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for libguestfs-winsupport is now available for Red Hat\nEnterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Low. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link (s) in the References section.\n\nThe libguestfs-winsupport package adds support for Windows guests to\nlibguestfs, a set of tools and libraries allowing users to access and\nmodify virtual machine (VM) disk images.\n\nSecurity Fix(es) :\n\n* ntfs-3g: heap-based buffer overflow leads to local root privilege\nescalation (CVE-2019-9755)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.7 Release Notes linked from the References section.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2019-August/005950.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8d0f637e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libguestfs-winsupport package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9755\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libguestfs-winsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"libguestfs-winsupport-7.2-3.el7\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libguestfs-winsupport\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:17:11", "description": "A heap-based buffer overflow was discovered in NTFS-3G, a read-write NTFS driver for FUSE. A local user can take advantage of this flaw for local root privilege escalation.\n\nFor Debian 8 'Jessie', this problem has been fixed in version 1:2014.2.15AR.2-1+deb8u4.\n\nWe recommend that you upgrade your ntfs-3g packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-03-25T00:00:00", "type": "nessus", "title": "Debian DLA-1724-1 : ntfs-3g security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9755"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:ntfs-3g", "p-cpe:/a:debian:debian_linux:ntfs-3g-dbg", "p-cpe:/a:debian:debian_linux:ntfs-3g-dev", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1724.NASL", "href": "https://www.tenable.com/plugins/nessus/123018", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1724-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123018);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2019-9755\");\n\n script_name(english:\"Debian DLA-1724-1 : ntfs-3g security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A heap-based buffer overflow was discovered in NTFS-3G, a read-write\nNTFS driver for FUSE. A local user can take advantage of this flaw for\nlocal root privilege escalation.\n\nFor Debian 8 'Jessie', this problem has been fixed in version\n1:2014.2.15AR.2-1+deb8u4.\n\nWe recommend that you upgrade your ntfs-3g packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/03/msg00026.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/ntfs-3g\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected ntfs-3g, ntfs-3g-dbg, and ntfs-3g-dev packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ntfs-3g\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ntfs-3g-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ntfs-3g-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-3g\", reference:\"1:2014.2.15AR.2-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-3g-dbg\", reference:\"1:2014.2.15AR.2-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-3g-dev\", reference:\"1:2014.2.15AR.2-1+deb8u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:20:19", "description": "This update for ntfs-3g_ntfsprogs fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-9755: Fixed a heap-based buffer overflow which could lead to local privilege escalation (bsc#1130165).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-04-25T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : ntfs-3g_ntfsprogs (SUSE-SU-2019:1001-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9755"], "modified": "2020-01-22T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libntfs-3g-devel", "p-cpe:/a:novell:suse_linux:ntfs-3g_ntfsprogs-debuginfo", "p-cpe:/a:novell:suse_linux:ntfs-3g_ntfsprogs-debugsource", "p-cpe:/a:novell:suse_linux:ntfsprogs-extra", "p-cpe:/a:novell:suse_linux:ntfsprogs-extra-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-1001-1.NASL", "href": "https://www.tenable.com/plugins/nessus/124294", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:1001-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124294);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/01/22\");\n\n script_cve_id(\"CVE-2019-9755\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : ntfs-3g_ntfsprogs (SUSE-SU-2019:1001-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ntfs-3g_ntfsprogs fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-9755: Fixed a heap-based buffer overflow which could lead to\nlocal privilege escalation (bsc#1130165).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1130165\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9755/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20191001-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c63d31dc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 15:zypper in -t patch\nSUSE-SLE-Product-WE-15-2019-1001=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-1001=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libntfs-3g-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntfs-3g_ntfsprogs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntfs-3g_ntfsprogs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntfsprogs-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntfsprogs-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libntfs-3g-devel-2016.2.22-3.3.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ntfs-3g_ntfsprogs-debuginfo-2016.2.22-3.3.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ntfs-3g_ntfsprogs-debugsource-2016.2.22-3.3.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ntfsprogs-extra-2016.2.22-3.3.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ntfsprogs-extra-debuginfo-2016.2.22-3.3.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libntfs-3g-devel-2016.2.22-3.3.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ntfs-3g_ntfsprogs-debuginfo-2016.2.22-3.3.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ntfs-3g_ntfsprogs-debugsource-2016.2.22-3.3.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ntfsprogs-extra-2016.2.22-3.3.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ntfsprogs-extra-debuginfo-2016.2.22-3.3.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntfs-3g_ntfsprogs\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T17:01:32", "description": "According to the version of the libguestfs-winsupport package installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - An integer underflow issue exists in ntfs-3g 2017.3.23.\n A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow, resulting in a crash or the ability to execute arbitrary code. In installations where /bin/ntfs-3g is a setuid-root binary, this could lead to a local escalation of privileges.(CVE-2019-9755)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-11-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : libguestfs-winsupport (EulerOS-SA-2019-2253)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9755"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libguestfs-winsupport", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2253.NASL", "href": "https://www.tenable.com/plugins/nessus/130715", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130715);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-9755\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : libguestfs-winsupport (EulerOS-SA-2019-2253)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the libguestfs-winsupport package\ninstalled, the EulerOS installation on the remote host is affected by\nthe following vulnerability :\n\n - An integer underflow issue exists in ntfs-3g 2017.3.23.\n A local attacker could potentially exploit this by\n running /bin/ntfs-3g with specially crafted arguments\n from a specially crafted directory to cause a heap\n buffer overflow, resulting in a crash or the ability to\n execute arbitrary code. In installations where\n /bin/ntfs-3g is a setuid-root binary, this could lead\n to a local escalation of privileges.(CVE-2019-9755)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2253\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?daa29c7b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libguestfs-winsupport package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libguestfs-winsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libguestfs-winsupport-7.2-1.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libguestfs-winsupport\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:27:39", "description": "This update for ntfs-3g_ntfsprogs fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-9755: Fixed a heap-based buffer overflow which could lead to local privilege escalation (bsc#1130165).\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {"score": 7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-05-03T00:00:00", "type": "nessus", "title": "openSUSE Security Update : ntfs-3g_ntfsprogs (openSUSE-2019-1313)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9755"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libntfs-3g-devel", "p-cpe:/a:novell:opensuse:libntfs-3g84", "p-cpe:/a:novell:opensuse:libntfs-3g84-debuginfo", "p-cpe:/a:novell:opensuse:ntfs-3g", "p-cpe:/a:novell:opensuse:ntfs-3g-debuginfo", "p-cpe:/a:novell:opensuse:ntfs-3g_ntfsprogs-debugsource", "p-cpe:/a:novell:opensuse:ntfsprogs", "p-cpe:/a:novell:opensuse:ntfsprogs-debuginfo", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2019-1313.NASL", "href": "https://www.tenable.com/plugins/nessus/124582", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1313.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124582);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2019-9755\");\n\n script_name(english:\"openSUSE Security Update : ntfs-3g_ntfsprogs (openSUSE-2019-1313)\");\n script_summary(english:\"Check for the openSUSE-2019-1313 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ntfs-3g_ntfsprogs fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-9755: Fixed a heap-based buffer overflow which\n could lead to local privilege escalation (bsc#1130165).\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1130165\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ntfs-3g_ntfsprogs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libntfs-3g-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libntfs-3g84\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libntfs-3g84-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntfs-3g\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntfs-3g-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntfs-3g_ntfsprogs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntfsprogs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntfsprogs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libntfs-3g-devel-2013.1.13-7.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libntfs-3g84-2013.1.13-7.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libntfs-3g84-debuginfo-2013.1.13-7.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ntfs-3g-2013.1.13-7.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ntfs-3g-debuginfo-2013.1.13-7.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ntfs-3g_ntfsprogs-debugsource-2013.1.13-7.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ntfsprogs-2013.1.13-7.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ntfsprogs-debuginfo-2013.1.13-7.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libntfs-3g-devel / libntfs-3g84 / libntfs-3g84-debuginfo / ntfs-3g / etc\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:27:33", "description": "This update for ntfs-3g_ntfsprogs fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-9755: Fixed a heap-based buffer overflow which could lead to local privilege escalation (bsc#1130165).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-05-03T00:00:00", "type": "nessus", "title": "openSUSE Security Update : ntfs-3g_ntfsprogs (openSUSE-2019-1314)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9755"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libntfs-3g-devel", "p-cpe:/a:novell:opensuse:libntfs-3g87", "p-cpe:/a:novell:opensuse:libntfs-3g87-debuginfo", "p-cpe:/a:novell:opensuse:ntfs-3g", "p-cpe:/a:novell:opensuse:ntfs-3g-debuginfo", "p-cpe:/a:novell:opensuse:ntfs-3g_ntfsprogs-debuginfo", "p-cpe:/a:novell:opensuse:ntfs-3g_ntfsprogs-debugsource", "p-cpe:/a:novell:opensuse:ntfsprogs", "p-cpe:/a:novell:opensuse:ntfsprogs-debuginfo", "p-cpe:/a:novell:opensuse:ntfsprogs-extra", "p-cpe:/a:novell:opensuse:ntfsprogs-extra-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-1314.NASL", "href": "https://www.tenable.com/plugins/nessus/124583", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1314.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124583);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2019-9755\");\n\n script_name(english:\"openSUSE Security Update : ntfs-3g_ntfsprogs (openSUSE-2019-1314)\");\n script_summary(english:\"Check for the openSUSE-2019-1314 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ntfs-3g_ntfsprogs fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-9755: Fixed a heap-based buffer overflow which\n could lead to local privilege escalation (bsc#1130165).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1130165\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ntfs-3g_ntfsprogs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libntfs-3g-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libntfs-3g87\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libntfs-3g87-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntfs-3g\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntfs-3g-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntfs-3g_ntfsprogs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntfs-3g_ntfsprogs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntfsprogs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntfsprogs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntfsprogs-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntfsprogs-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libntfs-3g-devel-2016.2.22-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libntfs-3g87-2016.2.22-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libntfs-3g87-debuginfo-2016.2.22-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ntfs-3g-2016.2.22-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ntfs-3g-debuginfo-2016.2.22-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ntfs-3g_ntfsprogs-debuginfo-2016.2.22-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ntfs-3g_ntfsprogs-debugsource-2016.2.22-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ntfsprogs-2016.2.22-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ntfsprogs-debuginfo-2016.2.22-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ntfsprogs-extra-2016.2.22-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ntfsprogs-extra-debuginfo-2016.2.22-lp150.2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libntfs-3g-devel / libntfs-3g87 / libntfs-3g87-debuginfo / ntfs-3g / etc\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:27:22", "description": "Fix for CVE-2019-9755.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-05-02T00:00:00", "type": "nessus", "title": "Fedora 30 : 2:ntfs-3g (2019-e42442fb33)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9755"], "modified": "2020-01-21T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:2:ntfs-3g", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-E42442FB33.NASL", "href": "https://www.tenable.com/plugins/nessus/124548", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-e42442fb33.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124548);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/01/21\");\n\n script_cve_id(\"CVE-2019-9755\");\n script_xref(name:\"FEDORA\", value:\"2019-e42442fb33\");\n\n script_name(english:\"Fedora 30 : 2:ntfs-3g (2019-e42442fb33)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for CVE-2019-9755.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-e42442fb33\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 2:ntfs-3g package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:2:ntfs-3g\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"ntfs-3g-2017.3.23-11.fc30\", epoch:\"2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"2:ntfs-3g\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T15:36:52", "description": "According to the version of the libguestfs-winsupport package installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - This optional package adds support for Windows guests (NTFS) to the virt-v2v and virt-p2v programs.Security Fix(es):An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow, resulting in a crash or the ability to execute arbitrary code. In installations where /bin/ ntfs-3g is a setuid-root binary, this could lead to a local escalation of privileges.(CVE-2019-9755)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-06-17T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : libguestfs-winsupport (EulerOS-SA-2020-1622)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9755"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libguestfs-winsupport", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1622.NASL", "href": "https://www.tenable.com/plugins/nessus/137464", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137464);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-9755\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : libguestfs-winsupport (EulerOS-SA-2020-1622)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the libguestfs-winsupport package\ninstalled, the EulerOS installation on the remote host is affected by\nthe following vulnerability :\n\n - This optional package adds support for Windows guests\n (NTFS) to the virt-v2v and virt-p2v programs.Security\n Fix(es):An integer underflow issue exists in ntfs-3g\n 2017.3.23. A local attacker could potentially exploit\n this by running /bin/ ntfs-3g with specially crafted\n arguments from a specially crafted directory to cause a\n heap buffer overflow, resulting in a crash or the\n ability to execute arbitrary code. In installations\n where /bin/ ntfs-3g is a setuid-root binary, this could\n lead to a local escalation of\n privileges.(CVE-2019-9755)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1622\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f0cd8d31\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libguestfs-winsupport package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libguestfs-winsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libguestfs-winsupport-7.2-1.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libguestfs-winsupport\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T15:38:46", "description": "The remote host is affected by the vulnerability described in GLSA-202007-45 (NTFS-3G: Remote code execution, possible privilege escalation)\n\n An integer underflow issue exists in NTFS-3G which may cause a heap buffer overflow with crafted input.\n Impact :\n\n A remote attacker may be able to execute arbitrary code while a local attacker may be able to escalate privileges.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-07-27T00:00:00", "type": "nessus", "title": "GLSA-202007-45 : NTFS-3G: Remote code execution, possible privilege escalation", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9755"], "modified": "2020-07-30T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:ntfs3g", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202007-45.NASL", "href": "https://www.tenable.com/plugins/nessus/138968", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202007-45.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138968);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/30\");\n\n script_cve_id(\"CVE-2019-9755\");\n script_xref(name:\"GLSA\", value:\"202007-45\");\n\n script_name(english:\"GLSA-202007-45 : NTFS-3G: Remote code execution, possible privilege escalation\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-202007-45\n(NTFS-3G: Remote code execution, possible privilege escalation)\n\n An integer underflow issue exists in NTFS-3G which may cause a heap\n buffer overflow with crafted input.\n \nImpact :\n\n A remote attacker may be able to execute arbitrary code while a local\n attacker may be able to escalate privileges.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202007-45\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All NTFS-3G users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=sys-fs/ntfs3g-2017.3.23-r3'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:ntfs3g\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"sys-fs/ntfs3g\", unaffected:make_list(\"ge 2017.3.23-r3\"), vulnerable:make_list(\"lt 2017.3.23-r3\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"NTFS-3G\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T15:39:41", "description": "According to the version of the ntfs-3g packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - An integer underflow issue exists in ntfs-3g 2017.3.23.\n A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow, resulting in a crash or the ability to execute arbitrary code. In installations where /bin/ntfs-3g is a setuid-root binary, this could lead to a local escalation of privileges.(CVE-2019-9755)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-07-30T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : ntfs-3g (EulerOS-SA-2020-1816)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9755"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ntfs-3g", "p-cpe:/a:huawei:euleros:ntfsprogs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1816.NASL", "href": "https://www.tenable.com/plugins/nessus/139146", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139146);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-9755\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : ntfs-3g (EulerOS-SA-2020-1816)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the ntfs-3g packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - An integer underflow issue exists in ntfs-3g 2017.3.23.\n A local attacker could potentially exploit this by\n running /bin/ntfs-3g with specially crafted arguments\n from a specially crafted directory to cause a heap\n buffer overflow, resulting in a crash or the ability to\n execute arbitrary code. In installations where\n /bin/ntfs-3g is a setuid-root binary, this could lead\n to a local escalation of privileges.(CVE-2019-9755)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1816\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a4fe17fa\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ntfs-3g package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ntfs-3g\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ntfsprogs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"ntfs-3g-2017.3.23-8.h2.eulerosv2r8\",\n \"ntfsprogs-2017.3.23-8.h2.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntfs-3g\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-23T15:07:21", "description": "The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1522 advisory.\n\n - An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow, resulting in a crash or the ability to execute arbitrary code. In installations where /bin/ntfs-3g is a setuid-root binary, this could lead to a local escalation of privileges. (CVE-2019-9755)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-10-27T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : libguestfs-winsupport (ALAS-2020-1522)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9755"], "modified": "2020-10-27T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:libguestfs-winsupport", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2020-1522.NASL", "href": "https://www.tenable.com/plugins/nessus/141945", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n# \n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2020-1522.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(141945);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/27\");\n\n script_cve_id(\"CVE-2019-9755\");\n script_xref(name:\"ALAS\", value:\"2020-1522\");\n\n script_name(english:\"Amazon Linux 2 : libguestfs-winsupport (ALAS-2020-1522)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a\nvulnerability as referenced in the ALAS2-2020-1522 advisory.\n\n - An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by\n running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap\n buffer overflow, resulting in a crash or the ability to execute arbitrary code. In installations where\n /bin/ntfs-3g is a setuid-root binary, this could lead to a local escalation of privileges. (CVE-2019-9755)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2020-1522.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-9755\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update libguestfs-winsupport' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9755\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libguestfs-winsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\npkgs = [\n {'reference':'libguestfs-winsupport-7.2-3.amzn2', 'cpu':'aarch64', 'release':'AL2'},\n {'reference':'libguestfs-winsupport-7.2-3.amzn2', 'cpu':'x86_64', 'release':'AL2'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libguestfs-winsupport\");\n}", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:50:58", "description": "An update for libguestfs-winsupport is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link (s) in the References section.\n\nThe libguestfs-winsupport package adds support for Windows guests to libguestfs, a set of tools and libraries allowing users to access and modify virtual machine (VM) disk images.\n\nSecurity Fix(es) :\n\n* ntfs-3g: heap-based buffer overflow leads to local root privilege escalation (CVE-2019-9755)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.", "cvss3": {"score": 7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "RHEL 7 : libguestfs-winsupport (RHSA-2019:2308)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9755"], "modified": "2020-01-06T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:libguestfs-winsupport", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-2308.NASL", "href": "https://www.tenable.com/plugins/nessus/127711", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2308. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127711);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2019-9755\");\n script_xref(name:\"RHSA\", value:\"2019:2308\");\n\n script_name(english:\"RHEL 7 : libguestfs-winsupport (RHSA-2019:2308)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for libguestfs-winsupport is now available for Red Hat\nEnterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Low. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link (s) in the References section.\n\nThe libguestfs-winsupport package adds support for Windows guests to\nlibguestfs, a set of tools and libraries allowing users to access and\nmodify virtual machine (VM) disk images.\n\nSecurity Fix(es) :\n\n* ntfs-3g: heap-based buffer overflow leads to local root privilege\nescalation (CVE-2019-9755)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.7 Release Notes linked from the References section.\"\n );\n # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3395ff0b\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:2308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9755\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libguestfs-winsupport package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libguestfs-winsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2308\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"libguestfs-winsupport-7.2-3.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libguestfs-winsupport\");\n }\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:50:59", "description": "Security Fix(es) :\n\n - ntfs-3g: heap-based buffer overflow leads to local root privilege escalation (CVE-2019-9755)", "cvss3": {"score": 7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-27T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : libguestfs-winsupport on SL7.x x86_64 (20190806)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9755"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:libguestfs-winsupport", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20190806_LIBGUESTFS_WINSUPPORT_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/128230", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128230);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2019-9755\");\n\n script_name(english:\"Scientific Linux Security Update : libguestfs-winsupport on SL7.x x86_64 (20190806)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Scientific Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - ntfs-3g: heap-based buffer overflow leads to local root\n privilege escalation (CVE-2019-9755)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1908&L=SCIENTIFIC-LINUX-ERRATA&P=14409\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a4ad63c9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libguestfs-winsupport package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:libguestfs-winsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"libguestfs-winsupport-7.2-3.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libguestfs-winsupport\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T17:01:32", "description": "According to the version of the libguestfs-winsupport package installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - An integer underflow issue exists in ntfs-3g 2017.3.23.\n A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow, resulting in a crash or the ability to execute arbitrary code. In installations where /bin/ntfs-3g is a setuid-root binary, this could lead to a local escalation of privileges.(CVE-2019-9755)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-11-12T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : libguestfs-winsupport (EulerOS-SA-2019-2126)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9755"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libguestfs-winsupport", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2126.NASL", "href": "https://www.tenable.com/plugins/nessus/130835", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130835);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-9755\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : libguestfs-winsupport (EulerOS-SA-2019-2126)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the libguestfs-winsupport package\ninstalled, the EulerOS installation on the remote host is affected by\nthe following vulnerability :\n\n - An integer underflow issue exists in ntfs-3g 2017.3.23.\n A local attacker could potentially exploit this by\n running /bin/ntfs-3g with specially crafted arguments\n from a specially crafted directory to cause a heap\n buffer overflow, resulting in a crash or the ability to\n execute arbitrary code. In installations where\n /bin/ntfs-3g is a setuid-root binary, this could lead\n to a local escalation of privileges.(CVE-2019-9755)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2126\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?020e2366\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libguestfs-winsupport package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libguestfs-winsupport\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libguestfs-winsupport-7.2-3.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libguestfs-winsupport\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:21:42", "description": "Fix for CVE-2019-9755.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-04-04T00:00:00", "type": "nessus", "title": "Fedora 29 : 2:ntfs-3g (2019-e396eacd61)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9755"], "modified": "2020-01-27T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:2:ntfs-3g", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-E396EACD61.NASL", "href": "https://www.tenable.com/plugins/nessus/123695", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-e396eacd61.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123695);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/01/27\");\n\n script_cve_id(\"CVE-2019-9755\");\n script_xref(name:\"FEDORA\", value:\"2019-e396eacd61\");\n\n script_name(english:\"Fedora 29 : 2:ntfs-3g (2019-e396eacd61)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for CVE-2019-9755.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-e396eacd61\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 2:ntfs-3g package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:2:ntfs-3g\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"ntfs-3g-2017.3.23-11.fc29\", epoch:\"2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"2:ntfs-3g\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:21:12", "description": "Fix for CVE-2019-9755.\n\n----\n\nAdd Recommends: ntfs-3g-system-compression\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-04-05T00:00:00", "type": "nessus", "title": "Fedora 28 : 2:ntfs-3g (2019-c1e6c6edd9)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9755"], "modified": "2020-01-23T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:2:ntfs-3g", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2019-C1E6C6EDD9.NASL", "href": "https://www.tenable.com/plugins/nessus/123765", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-c1e6c6edd9.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123765);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/01/23\");\n\n script_cve_id(\"CVE-2019-9755\");\n script_xref(name:\"FEDORA\", value:\"2019-c1e6c6edd9\");\n\n script_name(english:\"Fedora 28 : 2:ntfs-3g (2019-c1e6c6edd9)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for CVE-2019-9755.\n\n----\n\nAdd Recommends: ntfs-3g-system-compression\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-c1e6c6edd9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 2:ntfs-3g package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:2:ntfs-3g\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"ntfs-3g-2017.3.23-11.fc28\", epoch:\"2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"2:ntfs-3g\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:18:50", "description": "A heap-based buffer overflow was discovered in NTFS-3G, a read-write NTFS driver for FUSE. A local user can take advantage of this flaw for local root privilege escalation.", "cvss3": {"score": 7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-03-25T00:00:00", "type": "nessus", "title": "Debian DSA-4413-1 : ntfs-3g - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9755"], "modified": "2020-02-03T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:ntfs-3g", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4413.NASL", "href": "https://www.tenable.com/plugins/nessus/123023", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4413. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123023);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/02/03\");\n\n script_cve_id(\"CVE-2019-9755\");\n script_xref(name:\"DSA\", value:\"4413\");\n\n script_name(english:\"Debian DSA-4413-1 : ntfs-3g - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A heap-based buffer overflow was discovered in NTFS-3G, a read-write\nNTFS driver for FUSE. A local user can take advantage of this flaw for\nlocal root privilege escalation.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/ntfs-3g\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/ntfs-3g\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4413\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the ntfs-3g packages.\n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 1:2016.2.22AR.1+dfsg-1+deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ntfs-3g\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libntfs-3g871\", reference:\"1:2016.2.22AR.1+dfsg-1+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"ntfs-3g\", reference:\"1:2016.2.22AR.1+dfsg-1+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"ntfs-3g-dbg\", reference:\"1:2016.2.22AR.1+dfsg-1+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"ntfs-3g-dev\", reference:\"1:2016.2.22AR.1+dfsg-1+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"ntfs-3g-udeb\", reference:\"1:2016.2.22AR.1+dfsg-1+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:21:16", "description": "This update for ntfs-3g_ntfsprogs fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-9755: Fixed a heap-based buffer overflow which could lead to local privilege escalation (bsc#1130165).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-04-25T00:00:00", "type": "nessus", "title": "SUSE SLED12 Security Update : ntfs-3g_ntfsprogs (SUSE-SU-2019:1000-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9755"], "modified": "2020-01-22T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libntfs", "p-cpe:/a:novell:suse_linux:libntfs-3g84-debuginfo", "p-cpe:/a:novell:suse_linux:ntfs", "p-cpe:/a:novell:suse_linux:ntfs-3g-debuginfo", "p-cpe:/a:novell:suse_linux:ntfs-3g_ntfsprogs-debugsource", "p-cpe:/a:novell:suse_linux:ntfsprogs", "p-cpe:/a:novell:suse_linux:ntfsprogs-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-1000-1.NASL", "href": "https://www.tenable.com/plugins/nessus/124293", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:1000-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124293);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/01/22\");\n\n script_cve_id(\"CVE-2019-9755\");\n\n script_name(english:\"SUSE SLED12 Security Update : ntfs-3g_ntfsprogs (SUSE-SU-2019:1000-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ntfs-3g_ntfsprogs fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-9755: Fixed a heap-based buffer overflow which could lead to\nlocal privilege escalation (bsc#1130165).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1130165\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9755/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20191000-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dfa3308e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP4:zypper in -t patch\nSUSE-SLE-WE-12-SP4-2019-1000=1\n\nSUSE Linux Enterprise Workstation Extension 12-SP3:zypper in -t patch\nSUSE-SLE-WE-12-SP3-2019-1000=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-1000=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2019-1000=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-1000=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2019-1000=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libntfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libntfs-3g84-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntfs-3g-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntfs-3g_ntfsprogs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntfsprogs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntfsprogs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libntfs-3g84-2013.1.13-5.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libntfs-3g84-debuginfo-2013.1.13-5.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"ntfs-3g-2013.1.13-5.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"ntfs-3g-debuginfo-2013.1.13-5.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"ntfs-3g_ntfsprogs-debugsource-2013.1.13-5.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"ntfsprogs-2013.1.13-5.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"ntfsprogs-debuginfo-2013.1.13-5.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libntfs-3g84-2013.1.13-5.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libntfs-3g84-debuginfo-2013.1.13-5.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"ntfs-3g-2013.1.13-5.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"ntfs-3g-debuginfo-2013.1.13-5.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"ntfs-3g_ntfsprogs-debugsource-2013.1.13-5.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"ntfsprogs-2013.1.13-5.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"ntfsprogs-debuginfo-2013.1.13-5.6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntfs-3g_ntfsprogs\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-01T00:28:11", "description": "An update for qemu-kvm-rhev is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 and Red Hat Virtualization Engine 4.3.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.\n\nSecurity Fix(es) :\n\n* QEMU: slirp: heap buffer overflow during packet reassembly (CVE-2019-14378)\n\n* QEMU: qxl: NULL pointer dereference while releasing spice resources (CVE-2019-12155)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* ccid: Fix incorrect dwProtocol advertisement of T=0 (BZ#1729880)\n\n* QEMU gets stuck on resume/cont call from libvirt (BZ#1741937)\n\n* [v2v] Migration performance regression (BZ#1743322)\n\n* qemu, qemu-img fail to detect alignment with XFS and Gluster/XFS on 4k block device (BZ#1745443)\n\n* qemu-kvm: backport cpuidle-haltpoll support (BZ#1746282)\n\n* qemu aborts in blockCommit: qemu-kvm: block.c:3486 (BZ#1750322)", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-10-24T00:00:00", "type": "nessus", "title": "RHEL 7 : Virtualization Manager (RHSA-2019:3179)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12155", "CVE-2019-14378"], "modified": "2019-12-18T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:qemu-img-rhev", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common-rhev", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-rhev", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-rhev-debuginfo", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tools-rhev", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-3179.NASL", "href": "https://www.tenable.com/plugins/nessus/130188", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3179. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130188);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/12/18\");\n\n script_cve_id(\"CVE-2019-12155\", \"CVE-2019-14378\");\n script_xref(name:\"RHSA\", value:\"2019:3179\");\n\n script_name(english:\"RHEL 7 : Virtualization Manager (RHSA-2019:3179)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for qemu-kvm-rhev is now available for Red Hat\nVirtualization 4 for Red Hat Enterprise Linux 7 and Red Hat\nVirtualization Engine 4.3.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution\nfor Linux on a variety of architectures. The qemu-kvm-rhev packages\nprovide the user-space component for running virtual machines that use\nKVM in environments managed by Red Hat products.\n\nSecurity Fix(es) :\n\n* QEMU: slirp: heap buffer overflow during packet reassembly\n(CVE-2019-14378)\n\n* QEMU: qxl: NULL pointer dereference while releasing spice resources\n(CVE-2019-12155)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* ccid: Fix incorrect dwProtocol advertisement of T=0 (BZ#1729880)\n\n* QEMU gets stuck on resume/cont call from libvirt (BZ#1741937)\n\n* [v2v] Migration performance regression (BZ#1743322)\n\n* qemu, qemu-img fail to detect alignment with XFS and Gluster/XFS on\n4k block device (BZ#1745443)\n\n* qemu-kvm: backport cpuidle-haltpoll support (BZ#1746282)\n\n* qemu aborts in blockCommit: qemu-kvm: block.c:3486 (BZ#1750322)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:3179\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-12155\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-14378\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-img-rhev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common-rhev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-rhev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-rhev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tools-rhev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3179\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qemu-img-rhev-2.12.0-33.el7_7.4\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qemu-kvm-common-rhev-2.12.0-33.el7_7.4\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qemu-kvm-rhev-2.12.0-33.el7_7.4\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qemu-kvm-rhev-debuginfo-2.12.0-33.el7_7.4\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"qemu-kvm-tools-rhev-2.12.0-33.el7_7.4\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu-img-rhev / qemu-kvm-common-rhev / qemu-kvm-rhev / etc\");\n }\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:27:56", "description": "This update for xen fixes the following issues :\n\nSecurity issues fixed :\n\nFixed an issue which could allow malicious PV guests may cause a host crash or gain access to data pertaining to other guests.Additionally, vulnerable configurations are likely to be unstable even in the absence of an attack (bsc#1126198).\n\nFixed multiple access violations introduced by XENMEM_exchange hypercall which could allow a single PV guest to leak arbitrary amounts of memory, leading to a denial of service (bsc#1126192).\n\nFixed an issue which could allow a malicious unprivileged guest userspace process to escalate its privilege to that of other userspace processes in the same guest and potentially thereby to that of the guest operating system (bsc#1126201).\n\nFixed an issue which could allow malicious or buggy x86 PV guest kernels to mount a Denial of Service attack affecting the whole system (bsc#1126197).\n\nFixed an issue which could allow an untrusted PV domain with access to a physical device to DMA into its own pagetables leading to privilege escalation (bsc#1126195).\n\nFixed an issue which could allow a malicious or buggy x86 PV guest kernels can mount a Denial of Service attack affecting the whole system (bsc#1126196).\n\nCVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() found in slirp (bsc#1123157).\n\nFixed an issue which could allow malicious 64bit PV guests to cause a host crash (bsc#1127400).\n\nFixed an issue which could allow malicious or buggy guests with passed through PCI devices to be able to escalate their privileges, crash the host, or access data belonging to other guests. Additionally memory leaks were also possible (bsc#1126140).\n\nFixed a race condition issue which could allow malicious PV guests to escalate their privilege to that of the hypervisor (bsc#1126141).\n\nCVE-2019-9824: Fixed an information leak in SLiRP networking implementation which could allow a user/process to read uninitialised stack memory contents (bsc#1129623).\n\nOther issues addressed: Upstream bug fixes (bsc#1027519)\n\nPackages should no longer use /var/adm/fillup-templates (bsc#1069468).\n\nAdded Xen cmdline option 'suse_vtsc_tolerance' to avoid TSC emulation for HVM domUs (bsc#1026236).\n\nFixed an issue where setup of grant_tables and other variables may fail (bsc#1126325).\n\nFixed a building issue (bsc#1119161).\n\nAdded a requirement for xen, xl.cfg firmware='pvgrub32|pvgrub64 (bsc#1127620).\n\nFixed a segmetation fault in Libvirt when crash triggered on top of HVM guest (bsc#1120067).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-04-08T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2019:0891-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6778", "CVE-2019-9824"], "modified": "2020-01-23T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:xen", "p-cpe:/a:novell:suse_linux:xen-debugsource", "p-cpe:/a:novell:suse_linux:xen-doc-html", "p-cpe:/a:novell:suse_linux:xen-libs", "p-cpe:/a:novell:suse_linux:xen-libs-debuginfo", "p-cpe:/a:novell:suse_linux:xen-tools", "p-cpe:/a:novell:suse_linux:xen-tools-debuginfo", "p-cpe:/a:novell:suse_linux:xen-tools-domU", "p-cpe:/a:novell:suse_linux:xen-tools-domU-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-0891-1.NASL", "href": "https://www.tenable.com/plugins/nessus/123825", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0891-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123825);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/23\");\n\n script_cve_id(\"CVE-2019-6778\", \"CVE-2019-9824\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2019:0891-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for xen fixes the following issues :\n\nSecurity issues fixed :\n\nFixed an issue which could allow malicious PV guests may cause a host\ncrash or gain access to data pertaining to other guests.Additionally,\nvulnerable configurations are likely to be unstable even in the\nabsence of an attack (bsc#1126198).\n\nFixed multiple access violations introduced by XENMEM_exchange\nhypercall which could allow a single PV guest to leak arbitrary\namounts of memory, leading to a denial of service (bsc#1126192).\n\nFixed an issue which could allow a malicious unprivileged guest\nuserspace process to escalate its privilege to that of other userspace\nprocesses in the same guest and potentially thereby to that of the\nguest operating system (bsc#1126201).\n\nFixed an issue which could allow malicious or buggy x86 PV guest\nkernels to mount a Denial of Service attack affecting the whole system\n(bsc#1126197).\n\nFixed an issue which could allow an untrusted PV domain with access to\na physical device to DMA into its own pagetables leading to privilege\nescalation (bsc#1126195).\n\nFixed an issue which could allow a malicious or buggy x86 PV guest\nkernels can mount a Denial of Service attack affecting the whole\nsystem (bsc#1126196).\n\nCVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() found in\nslirp (bsc#1123157).\n\nFixed an issue which could allow malicious 64bit PV guests to cause a\nhost crash (bsc#1127400).\n\nFixed an issue which could allow malicious or buggy guests with passed\nthrough PCI devices to be able to escalate their privileges, crash the\nhost, or access data belonging to other guests. Additionally memory\nleaks were also possible (bsc#1126140).\n\nFixed a race condition issue which could allow malicious PV guests to\nescalate their privilege to that of the hypervisor (bsc#1126141).\n\nCVE-2019-9824: Fixed an information leak in SLiRP networking\nimplementation which could allow a user/process to read uninitialised\nstack memory contents (bsc#1129623).\n\nOther issues addressed: Upstream bug fixes (bsc#1027519)\n\nPackages should no longer use /var/adm/fillup-templates (bsc#1069468).\n\nAdded Xen cmdline option 'suse_vtsc_tolerance' to avoid TSC emulation\nfor HVM domUs (bsc#1026236).\n\nFixed an issue where setup of grant_tables and other variables may\nfail (bsc#1126325).\n\nFixed a building issue (bsc#1119161).\n\nAdded a requirement for xen, xl.cfg firmware='pvgrub32|pvgrub64\n(bsc#1127620).\n\nFixed a segmetation fault in Libvirt when crash triggered on top of\nHVM guest (bsc#1120067).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1026236\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1027519\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1069468\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119161\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120067\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123157\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126140\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126141\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126195\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126196\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126197\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126198\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126201\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127400\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127620\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1129623\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6778/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9824/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190891-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?87a9dc3a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-891=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-891=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-891=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-4.11.1_04-2.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-debugsource-4.11.1_04-2.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-doc-html-4.11.1_04-2.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.11.1_04-2.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-libs-4.11.1_04-2.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.11.1_04-2.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-4.11.1_04-2.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-tools-4.11.1_04-2.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-tools-debuginfo-4.11.1_04-2.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-tools-domU-4.11.1_04-2.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-tools-domU-debuginfo-4.11.1_04-2.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-4.11.1_04-2.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-debugsource-4.11.1_04-2.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.11.1_04-2.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-libs-4.11.1_04-2.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.11.1_04-2.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-4.11.1_04-2.6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:28:47", "description": "This update for xen fixes the following issues :\n\nSecurity issues fixed :\n\nFixed multiple access violations introduced by XENMEM_exchange hypercall which could allow a single PV guest to leak arbitrary amounts of memory, leading to a denial of service (bsc#1126192).\n\nFixed an issue which could allow a malicious unprivileged guest userspace process to escalate its privilege to that of other userspace processes in the same guest and potentially thereby to that of the guest operating system (bsc#1126201).\n\nFixed an issue which could allow an untrusted PV domain with access to a physical device to DMA into its own pagetables leading to privilege escalation (bsc#1126195).\n\nFixed an issue which could allow a malicious or buggy x86 PV guest kernels can mount a Denial of Service attack affecting the whole system (bsc#1126196).\n\nCVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() found in slirp (bsc#1123157).\n\nFixed an issue which could allow malicious PV guests may cause a host crash or gain access to data pertaining to other guests.Additionally, vulnerable configurations are likely to be unstable even in the absence of an attack (bsc#1126198).\n\nFixed an issue which could allow malicious 64bit PV guests to cause a host crash (bsc#1127400).\n\nFixed an issue which could allow malicious or buggy guests with passed through PCI devices to be able to escalate their privileges, crash the host, or access data belonging to other guests. Additionally memory leaks were also possible (bsc#1126140).\n\nFixed a race condition issue which could allow malicious PV guests to escalate their privilege to that of the hypervisor (bsc#1126141).\n\nCVE-2019-9824: Fixed an information leak in SLiRP networking implementation which could allow a user/process to read uninitialised stack memory contents (bsc#1129623).\n\nOther issues fixed: Fixed an issue where VMs crashing when migrating between dom0 hosts (bsc#1031382).\n\nUpstream bug fixes (bsc#1027519)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-04-02T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : xen (SUSE-SU-2019:14001-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6778", "CVE-2019-9824"], "modified": "2022-01-26T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:xen", "p-cpe:/a:novell:suse_linux:xen-doc-html", "p-cpe:/a:novell:suse_linux:xen-kmp-default", "p-cpe:/a:novell:suse_linux:xen-kmp-pae", "p-cpe:/a:novell:suse_linux:xen-libs", "p-cpe:/a:novell:suse_linux:xen-tools", "p-cpe:/a:novell:suse_linux:xen-tools-domU", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2019-14001-1.NASL", "href": "https://www.tenable.com/plugins/nessus/123637", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:14001-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123637);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\"CVE-2019-6778\", \"CVE-2019-9824\");\n\n script_name(english:\"SUSE SLES11 Security Update : xen (SUSE-SU-2019:14001-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for xen fixes the following issues :\n\nSecurity issues fixed :\n\nFixed multiple access violations introduced by XENMEM_exchange\nhypercall which could allow a single PV guest to leak arbitrary\namounts of memory, leading to a denial of service (bsc#1126192).\n\nFixed an issue which could allow a malicious unprivileged guest\nuserspace process to escalate its privilege to that of other userspace\nprocesses in the same guest and potentially thereby to that of the\nguest operating system (bsc#1126201).\n\nFixed an issue which could allow an untrusted PV domain with access to\na physical device to DMA into its own pagetables leading to privilege\nescalation (bsc#1126195).\n\nFixed an issue which could allow a malicious or buggy x86 PV guest\nkernels can mount a Denial of Service attack affecting the whole\nsystem (bsc#1126196).\n\nCVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() found in\nslirp (bsc#1123157).\n\nFixed an issue which could allow malicious PV guests may cause a host\ncrash or gain access to data pertaining to other guests.Additionally,\nvulnerable configurations are likely to be unstable even in the\nabsence of an attack (bsc#1126198).\n\nFixed an issue which could allow malicious 64bit PV guests to cause a\nhost crash (bsc#1127400).\n\nFixed an issue which could allow malicious or buggy guests with passed\nthrough PCI devices to be able to escalate their privileges, crash the\nhost, or access data belonging to other guests. Additionally memory\nleaks were also possible (bsc#1126140).\n\nFixed a race condition issue which could allow malicious PV guests to\nescalate their privilege to that of the hypervisor (bsc#1126141).\n\nCVE-2019-9824: Fixed an information leak in SLiRP networking\nimplementation which could allow a user/process to read uninitialised\nstack memory contents (bsc#1129623).\n\nOther issues fixed: Fixed an issue where VMs crashing when migrating\nbetween dom0 hosts (bsc#1031382).\n\nUpstream bug fixes (bsc#1027519)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1027519\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031382\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123157\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126141\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126192\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126195\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126196\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126198\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126201\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127400\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1129623\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-6778/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-9824/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-201914001-1.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6757a2c0\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-xen-14001=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-xen-14001=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-xen-14001=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-6778\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"i386|i486|i586|i686|x86_64\") audit(AUDIT_ARCH_NOT, \"i386 / i486 / i586 / i686 / x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! ereg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-kmp-default-4.4.4_40_3.0.101_108.87-61.43.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-libs-4.4.4_40-61.43.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-tools-domU-4.4.4_40-61.43.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-4.4.4_40-61.43.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-doc-html-4.4.4_40-61.43.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.4.4_40-61.43.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-tools-4.4.4_40-61.43.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-kmp-pae-4.4.4_40_3.0.101_108.87-61.43.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"xen-kmp-default-4.4.4_40_3.0.101_108.87-61.43.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"xen-libs-4.4.4_40-61.43.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"xen-tools-domU-4.4.4_40-61.43.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"xen-kmp-pae-4.4.4_40_3.0.101_108.87-61.43.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-02T00:14:41", "description": "In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.\n(CVE-2020-8608)\n\ntcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure. (CVE-2019-9824)", "cvss3": {"score": 5.6, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2020-07-23T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : qemu (ALAS-2020-1467)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-9824", "CVE-2020-8608"], "modified": "2020-07-27T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:ivshmem-tools", "p-cpe:/a:amazon:linux:qemu", "p-cpe:/a:amazon:linux:qemu-audio-alsa", "p-cpe:/a:amazon:linux:qemu-audio-oss", "p-cpe:/a:amazon:linux:qemu-audio-pa", "p-cpe:/a:amazon:linux:qemu-audio-sdl", "p-cpe:/a:amazon:linux:qemu-block-curl", "p-cpe:/a:amazon:linux:qemu-block-dmg", "p-cpe:/a:amazon:linux:qemu-block-iscsi", "p-cpe:/a:amazon:linux:qemu-block-nfs", "p-cpe:/a:amazon:linux:qemu-block-rbd", "p-cpe:/a:amazon:linux:qemu-block-ssh", "p-cpe:/a:amazon:linux:qemu-common", "p-cpe:/a:amazon:linux:qemu-debuginfo", "p-cpe:/a:amazon:linux:qemu-guest-agent", "p-cpe:/a:amazon:linux:qemu-img", "p-cpe:/a:amazon:linux:qemu-kvm", "p-cpe:/a:amazon:linux:qemu-kvm-core", "p-cpe:/a:amazon:linux:qemu-system-aarch64", "p-cpe:/a:amazon:linux:qemu-system-aarch64-core", "p-cpe:/a:amazon:linux:qemu-system-x86", "p-cpe:/a:amazon:linux:qemu-system-x86-core", "p-cpe:/a:amazon:linux:qemu-ui-curses", "p-cpe:/a:amazon:linux:qemu-ui-gtk", "p-cpe:/a:amazon:linux:qemu-ui-sdl", "p-cpe:/a:amazon:linux:qemu-user", "p-cpe:/a:amazon:linux:qemu-user-binfmt", "p-cpe:/a:amazon:linux:qemu-user-static", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2020-1467.NASL", "href": "https://www.tenable.com/plugins/nessus/138856", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2020-1467.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138856);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/27\");\n\n script_cve_id(\"CVE-2019-9824\", \"CVE-2020-8608\");\n script_xref(name:\"ALAS\", value:\"2020-1467\");\n\n script_name(english:\"Amazon Linux 2 : qemu (ALAS-2020-1467)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf\nreturn values, leading to a buffer overflow in later code.\n(CVE-2020-8608)\n\ntcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0\nuses uninitialized data in an snprintf call, leading to Information\ndisclosure. (CVE-2019-9824)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2020-1467.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Run 'yum update qemu' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ivshmem-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-audio-alsa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-audio-oss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-audio-pa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-audio-sdl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-block-dmg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-block-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-block-nfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-block-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-img\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-kvm-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-system-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-system-aarch64-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-system-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-system-x86-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-ui-curses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-ui-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-ui-sdl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-user\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-user-binfmt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:qemu-user-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"ivshmem-tools-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-audio-alsa-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-audio-oss-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-audio-pa-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-audio-sdl-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-block-curl-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-block-dmg-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-block-iscsi-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-block-nfs-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"qemu-block-rbd-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-block-ssh-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-common-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-debuginfo-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-guest-agent-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-img-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-kvm-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-kvm-core-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-system-aarch64-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-system-aarch64-core-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-system-x86-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-system-x86-core-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-ui-curses-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-ui-gtk-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-ui-sdl-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-user-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-user-binfmt-3.1.0-8.amzn2.0.3\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"qemu-user-static-3.1.0-8.amzn2.0.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ivshmem-tools / qemu / qemu-audio-alsa / qemu-audio-oss / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:27:30", "description": "The remote host is affected by the vulnerability described in GLSA-201904-25 (QEMU: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details.\n Impact :\n\n Please review the referenced CVE identifiers for details.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-04-25T00:00:00", "type": "nessus", "title": "GLSA-201904-25 : QEMU: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20815", "CVE-2019-9824"], "modified": "2020-01-22T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:qemu", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201904-25.NASL", "href": "https://www.tenable.com/plugins/nessus/124289", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201904-25.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124289);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/22\");\n\n script_cve_id(\"CVE-2018-20815\", \"CVE-2019-9824\");\n script_xref(name:\"GLSA\", value:\"201904-25\");\n\n script_name(english:\"GLSA-201904-25 : QEMU: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201904-25\n(QEMU: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in QEMU. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n Please review the referenced CVE identifiers for details.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201904-25\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All QEMU users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-emulation/qemu-3.1.0-r4'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-emulation/qemu\", unaffected:make_list(\"ge 3.1.0-r4\"), vulnerable:make_list(\"lt 3.1.0-r4\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"QEMU\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:21:18", "description": "- CVE-2019-12155: qxl: NULL pointer dereference while releasing spice resources (bz #1712727, bz #1712670)\n\n - CVE-2019-5008: NULL pointer dereference in hw/sparc64/sun4u.c leading to DoS (bz #1705916, bz #1705915)\n\n - CVE-2018-20815: device_tree: heap buffer overflow while loading device tree blob (bz #1693117, bz #1693101)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-07-09T00:00:00", "type": "nessus", "title": "Fedora 29 : 2:qemu (2019-e9de40d53f)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20815", "CVE-2019-12155", "CVE-2019-5008"], "modified": "2020-01-08T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:2:qemu", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-E9DE40D53F.NASL", "href": "https://www.tenable.com/plugins/nessus/126533", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-e9de40d53f.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126533);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/08\");\n\n script_cve_id(\"CVE-2018-20815\", \"CVE-2019-12155\", \"CVE-2019-5008\");\n script_xref(name:\"FEDORA\", value:\"2019-e9de40d53f\");\n\n script_name(english:\"Fedora 29 : 2:qemu (2019-e9de40d53f)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - CVE-2019-12155: qxl: NULL pointer dereference while\n releasing spice resources (bz #1712727, bz #1712670)\n\n - CVE-2019-5008: NULL pointer dereference in\n hw/sparc64/sun4u.c leading to DoS (bz #1705916, bz\n #1705915)\n\n - CVE-2018-20815: device_tree: heap buffer overflow while\n loading device tree blob (bz #1693117, bz #1693101)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-e9de40d53f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 2:qemu package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:2:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"qemu-3.0.1-4.fc29\", epoch:\"2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"2:qemu\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-19T13:37:01", "description": "This update for qemu fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-14378: Security fix for heap overflow in ip_reass on big packet input (bsc#1143794).\n\n - CVE-2019-12155: Security fix for NULL pointer dereference while releasing spice resources (bsc#1135902).\n\n - CVE-2019-13164: Security fix for qemu-bridge-helper ACL can be bypassed when names are too long (bsc#1140402).\n\nBug fixes and enhancements :\n\n - Add vcpu features needed for Cascadelake-Server, Icelake-Client and Icelake-Server, especially the foundational arch-capabilities to help with security and performance on Intel hosts (bsc#1134883) (fate#327764)\n\n - Add support for one more security/performance related vcpu feature (bsc#1136778) (fate#327796)\n\n - Disable file locking in the Xen PV disk backend to avoid locking issues with PV domUs during migration. The issues triggered by the locking can not be properly handled in libxl. The locking introduced in qemu-2.10 was removed again in qemu-4.0 (bsc#1079730, bsc#1098403, bsc#1111025).\n\n - Ignore csske for expanding the cpu model (bsc#1136540)\n\n - Fix vm migration is failing with input/output error when nfs server is disconnected (bsc#1119115)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-09-03T00:00:00", "type": "nessus", "title": "openSUSE Security Update : qemu (openSUSE-2019-2059)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12155", "CVE-2019-13164", "CVE-2019-14378"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:qemu", "p-cpe:/a:novell:opensuse:qemu-arm", "p-cpe:/a:novell:opensuse:qemu-arm-debuginfo", "p-cpe:/a:novell:opensuse:qemu-block-curl", "p-cpe:/a:novell:opensuse:qemu-block-curl-debuginfo", "p-cpe:/a:novell:opensuse:qemu-block-dmg", "p-cpe:/a:novell:opensuse:qemu-block-dmg-debuginfo", "p-cpe:/a:novell:opensuse:qemu-block-gluster", "p-cpe:/a:novell:opensuse:qemu-block-gluster-debuginfo", "p-cpe:/a:novell:opensuse:qemu-block-iscsi", "p-cpe:/a:novell:opensuse:qemu-block-iscsi-debuginfo", "p-cpe:/a:novell:opensuse:qemu-block-rbd", "p-cpe:/a:novell:opensuse:qemu-block-rbd-debuginfo", "p-cpe:/a:novell:opensuse:qemu-block-ssh", "p-cpe:/a:novell:opensuse:qemu-block-ssh-debuginfo", "p-cpe:/a:novell:opensuse:qemu-debuginfo", "p-cpe:/a:novell:opensuse:qemu-debugsource", "p-cpe:/a:novell:opensuse:qemu-extra", "p-cpe:/a:novell:opensuse:qemu-extra-debuginfo", "p-cpe:/a:novell:opensuse:qemu-guest-agent", "p-cpe:/a:novell:opensuse:qemu-guest-agent-debuginfo", "p-cpe:/a:novell:opensuse:qemu-ipxe", "p-cpe:/a:novell:opensuse:qemu-ksm", "p-cpe:/a:novell:opensuse:qemu-kvm", "p-cpe:/a:novell:opensuse:qemu-lang", "p-cpe:/a:novell:opensuse:qemu-ppc", "p-cpe:/a:novell:opensuse:qemu-ppc-debuginfo", "p-cpe:/a:novell:opensuse:qemu-s390", "p-cpe:/a:novell:opensuse:qemu-s390-debuginfo", "p-cpe:/a:novell:opensuse:qemu-seabios", "p-cpe:/a:novell:opensuse:qemu-sgabios", "p-cpe:/a:novell:opensuse:qemu-tools", "p-cpe:/a:novell:opensuse:qemu-tools-debuginfo", "p-cpe:/a:novell:opensuse:qemu-vgabios", "p-cpe:/a:novell:opensuse:qemu-x86", "p-cpe:/a:novell:opensuse:qemu-x86-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-2059.NASL", "href": "https://www.tenable.com/plugins/nessus/128465", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2059.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128465);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2019-12155\", \"CVE-2019-13164\", \"CVE-2019-14378\");\n\n script_name(english:\"openSUSE Security Update : qemu (openSUSE-2019-2059)\");\n script_summary(english:\"Check for the openSUSE-2019-2059 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for qemu fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-14378: Security fix for heap overflow in\n ip_reass on big packet input (bsc#1143794).\n\n - CVE-2019-12155: Security fix for NULL pointer\n dereference while releasing spice resources\n (bsc#1135902).\n\n - CVE-2019-13164: Security fix for qemu-bridge-helper ACL\n can be bypassed when names are too long (bsc#1140402).\n\nBug fixes and enhancements :\n\n - Add vcpu features needed for Cascadelake-Server,\n Icelake-Client and Icelake-Server, especially the\n foundational arch-capabilities to help with security and\n performance on Intel hosts (bsc#1134883) (fate#327764)\n\n - Add support for one more security/performance related\n vcpu feature (bsc#1136778) (fate#327796)\n\n - Disable file locking in the Xen PV disk backend to avoid\n locking issues with PV domUs during migration. The\n issues triggered by the locking can not be properly\n handled in libxl. The locking introduced in qemu-2.10\n was removed again in qemu-4.0 (bsc#1079730, bsc#1098403,\n bsc#1111025).\n\n - Ignore csske for expanding the cpu model (bsc#1136540)\n\n - Fix vm migration is failing with input/output error when\n nfs server is disconnected (bsc#1119115)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1079730\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1098403\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111025\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1119115\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1134883\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1135902\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1136540\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1136778\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140402\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1143794\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://features.opensuse.org/327764\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://features.opensuse.org/327796\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected qemu packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-arm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-arm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-block-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-block-dmg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-block-dmg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-block-gluster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-block-gluster-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-block-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-block-iscsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-block-rbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-block-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-block-ssh-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-guest-agent-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-ipxe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-ksm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-ppc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-ppc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-s390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-s390-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-seabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-sgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-vgabios\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qemu-x86-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-arm-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-arm-debuginfo-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-block-curl-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-block-curl-debuginfo-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-block-dmg-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-block-dmg-debuginfo-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-block-gluster-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-block-gluster-debuginfo-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-block-iscsi-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-block-iscsi-debuginfo-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-block-rbd-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-block-rbd-debuginfo-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-block-ssh-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-block-ssh-debuginfo-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-debuginfo-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-debugsource-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-extra-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-extra-debuginfo-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-guest-agent-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-guest-agent-debuginfo-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-ipxe-1.0.0+-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-ksm-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-kvm-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-lang-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-ppc-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-ppc-debuginfo-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-s390-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-s390-debuginfo-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-seabios-1.11.0-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-sgabios-8-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-tools-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-tools-debuginfo-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-vgabios-1.11.0-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-x86-2.11.2-lp150.7.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"qemu-x86-debuginfo-2.11.2-lp150.7.25.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu / qemu-arm / qemu-arm-debuginfo / qemu-block-curl / etc\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-02-19T13:28:12", "description": "This update for qemu fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-14378: Security fix for heap overflow in ip_reass on big packet input (bsc#1143794).\n\nCVE-2019-12155: Security fix for NULL pointer dereference while releasing spice resources (bsc#1135902).\n\nCVE-2019-13164: Security fix for qemu-bridge-helper ACL can be bypassed when names are too long (bsc#1140402).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-09-09T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : qemu (SUSE-SU-2019:2157-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12155", "CVE-2019-13164", "CVE-2019-14378"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:qemu", "p-cpe:/a:novell:suse_linux:qemu-block-curl", "p-cpe:/a:novell:suse_linux:qemu-block-curl-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-block-rbd", "p-cpe:/a:novell:suse_linux:qemu-block-rbd-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-block-ssh", "p-cpe:/a:novell:suse_linux:qemu-block-ssh-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-debugsource", "p-cpe:/a:novell:suse_linux:qemu-guest-agent", "p-cpe:/a:novell:suse_linux:qemu-guest-agent-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-kvm", "p-cpe:/a:novell:suse_linux:qemu-lang", "p-cpe:/a:novell:suse_linux:qemu-s390", "p-cpe:/a:novell:suse_linux:qemu-s390-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-tools", "p-cpe:/a:novell:suse_linux:qemu-tools-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-x86", "p-cpe:/a:novell:suse_linux:qemu-x86-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-2157-1.NASL", "href": "https://www.tenable.com/plugins/nessus/128609", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2157-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128609);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-12155\", \"CVE-2019-13164\", \"CVE-2019-14378\");\n\n script_name(english:\"SUSE SLES12 Security Update : qemu (SUSE-SU-2019:2157-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for qemu fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-14378: Security fix for heap overflow in ip_reass on big\npacket input (bsc#1143794).\n\nCVE-2019-12155: Security fix for NULL pointer dereference while\nreleasing spice resources (bsc#1135902).\n\nCVE-2019-13164: Security fix for qemu-bridge-helper ACL can be\nbypassed when names are too long (bsc#1140402).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135902\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140402\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143794\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-12155/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13164/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-14378/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192157-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?917bdb3c\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2019-2157=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2019-2157=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2019-2157=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2019-2157=1\n\nSUSE Enterprise Storage 4:zypper in -t patch\nSUSE-Storage-4-2019-2157=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-rbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-ssh-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-guest-agent-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-s390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-s390-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-x86-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"qemu-block-rbd-2.6.2-41.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"qemu-block-rbd-debuginfo-2.6.2-41.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"qemu-x86-2.6.2-41.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"qemu-x86-debuginfo-2.6.2-41.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"s390x\", reference:\"qemu-s390-2.6.2-41.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"s390x\", reference:\"qemu-s390-debuginfo-2.6.2-41.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"qemu-2.6.2-41.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"qemu-block-curl-2.6.2-41.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"qemu-block-curl-debuginfo-2.6.2-41.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"qemu-block-ssh-2.6.2-41.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"qemu-block-ssh-debuginfo-2.6.2-41.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"qemu-debugsource-2.6.2-41.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"qemu-guest-agent-2.6.2-41.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"qemu-guest-agent-debuginfo-2.6.2-41.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"qemu-kvm-2.6.2-41.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"qemu-lang-2.6.2-41.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"qemu-tools-2.6.2-41.55.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"qemu-tools-debuginfo-2.6.2-41.55.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-02-19T13:34:03", "description": "This update for qemu fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-14378: Security fix for heap overflow in ip_reass on big packet input (bsc#1143794).\n\nCVE-2019-12155: Security fix for NULL pointer dereference while releasing spice resources (bsc#1135902).\n\nCVE-2019-13164: Security fix for qemu-bridge-helper ACL can be bypassed when names are too long (bsc#1140402).\n\nBug fixes and enhancements: Add vcpu features needed for Cascadelake-Server, Icelake-Client and Icelake-Server, especially the foundational arch-capabilities to help with security and performance on Intel hosts (bsc#1134883) (fate#327764)\n\nAdd support for one more security/performance related vcpu feature (bsc#1136778) (fate#327796)\n\nDisable file locking in the Xen PV disk backend to avoid locking issues with PV domUs during migration. The issues triggered by the locking can not be properly handled in libxl. The locking introduced in qemu-2.10 was removed again in qemu-4.0 (bsc#1079730, bsc#1098403, bsc#1111025).\n\nIgnore csske for expanding the cpu model (bsc#1136540)\n\nFix vm migration is failing with input/output error when nfs server is disconnected (bsc#1119115)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-29T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2019:2246-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12155", "CVE-2019-13164", "CVE-2019-14378"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:qemu", "p-cpe:/a:novell:suse_linux:qemu-block-curl", "p-cpe:/a:novell:suse_linux:qemu-block-curl-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-block-dmg", "p-cpe:/a:novell:suse_linux:qemu-block-dmg-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-block-iscsi", "p-cpe:/a:novell:suse_linux:qemu-block-iscsi-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-block-rbd", "p-cpe:/a:novell:suse_linux:qemu-block-rbd-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-block-ssh", "p-cpe:/a:novell:suse_linux:qemu-block-ssh-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-debugsource", "p-cpe:/a:novell:suse_linux:qemu-extra", "p-cpe:/a:novell:suse_linux:qemu-extra-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-guest-agent", "p-cpe:/a:novell:suse_linux:qemu-guest-agent-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-kvm", "p-cpe:/a:novell:suse_linux:qemu-lang", "p-cpe:/a:novell:suse_linux:qemu-linux-user", "p-cpe:/a:novell:suse_linux:qemu-linux-user-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-linux-user-debugsource", "p-cpe:/a:novell:suse_linux:qemu-s390", "p-cpe:/a:novell:suse_linux:qemu-s390-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-tools", "p-cpe:/a:novell:suse_linux:qemu-tools-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-x86", "p-cpe:/a:novell:suse_linux:qemu-x86-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-2246-1.NASL", "href": "https://www.tenable.com/plugins/nessus/128318", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2246-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128318);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-12155\", \"CVE-2019-13164\", \"CVE-2019-14378\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2019:2246-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for qemu fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-14378: Security fix for heap overflow in ip_reass on big\npacket input (bsc#1143794).\n\nCVE-2019-12155: Security fix for NULL pointer dereference while\nreleasing spice resources (bsc#1135902).\n\nCVE-2019-13164: Security fix for qemu-bridge-helper ACL can be\nbypassed when names are too long (bsc#1140402).\n\nBug fixes and enhancements: Add vcpu features needed for\nCascadelake-Server, Icelake-Client and Icelake-Server, especially the\nfoundational arch-capabilities to help with security and performance\non Intel hosts (bsc#1134883) (fate#327764)\n\nAdd support for one more security/performance related vcpu feature\n(bsc#1136778) (fate#327796)\n\nDisable file locking in the Xen PV disk backend to avoid locking\nissues with PV domUs during migration. The issues triggered by the\nlocking can not be properly handled in libxl. The locking introduced\nin qemu-2.10 was removed again in qemu-4.0 (bsc#1079730, bsc#1098403,\nbsc#1111025).\n\nIgnore csske for expanding the cpu model (bsc#1136540)\n\nFix vm migration is failing with input/output error when nfs server is\ndisconnected (bsc#1119115)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1079730\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1098403\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111025\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119115\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1134883\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135902\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136540\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136778\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140402\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143794\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-12155/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13164/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-14378/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192246-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?901c6416\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Server Applications 15:zypper in -t\npatch SUSE-SLE-Module-Server-Applications-15-2019-2246=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-2246=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2019-2246=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-dmg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-dmg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-iscsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-rbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-ssh-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-guest-agent-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-linux-user\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-linux-user-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-linux-user-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-s390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-s390-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-x86-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"qemu-x86-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"qemu-x86-debuginfo-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"qemu-s390-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"qemu-s390-debuginfo-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"qemu-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"qemu-block-curl-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"qemu-block-curl-debuginfo-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"qemu-block-dmg-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"qemu-block-dmg-debuginfo-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"qemu-block-iscsi-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"qemu-block-iscsi-debuginfo-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"qemu-block-rbd-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"qemu-block-rbd-debuginfo-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"qemu-block-ssh-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"qemu-block-ssh-debuginfo-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"qemu-debuginfo-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"qemu-debugsource-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"qemu-extra-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"qemu-extra-debuginfo-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"qemu-guest-agent-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"qemu-guest-agent-debuginfo-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"qemu-kvm-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"qemu-lang-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"qemu-linux-user-2.11.2-9.28.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"qemu-linux-user-debuginfo-2.11.2-9.28.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"qemu-linux-user-debugsource-2.11.2-9.28.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"qemu-tools-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"qemu-tools-debuginfo-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"qemu-block-dmg-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"qemu-block-dmg-debuginfo-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"qemu-debuginfo-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"qemu-debugsource-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"qemu-extra-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"qemu-extra-debuginfo-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"qemu-linux-user-2.11.2-9.28.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"qemu-linux-user-debuginfo-2.11.2-9.28.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"qemu-linux-user-debugsource-2.11.2-9.28.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"qemu-tools-2.11.2-9.28.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"qemu-tools-debuginfo-2.11.2-9.28.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-02-19T13:35:54", "description": "This update for qemu fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-14378: Security fix for heap overflow in ip_reass on big packet input (bsc#1143794).\n\nCVE-2019-12155: Security fix for NULL pointer dereference while releasing spice resources (bsc#1135902).\n\nCVE-2019-13164: Security fix for qemu-bridge-helper ACL can be bypassed when names are too long (bsc#1140402).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-28T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : qemu (SUSE-SU-2019:2221-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12155", "CVE-2019-13164", "CVE-2019-14378"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:qemu", "p-cpe:/a:novell:suse_linux:qemu-block-curl", "p-cpe:/a:novell:suse_linux:qemu-block-curl-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-block-rbd", "p-cpe:/a:novell:suse_linux:qemu-block-rbd-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-debugsource", "p-cpe:/a:novell:suse_linux:qemu-guest-agent", "p-cpe:/a:novell:suse_linux:qemu-guest-agent-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-kvm", "p-cpe:/a:novell:suse_linux:qemu-lang", "p-cpe:/a:novell:suse_linux:qemu-s390", "p-cpe:/a:novell:suse_linux:qemu-s390-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-tools", "p-cpe:/a:novell:suse_linux:qemu-tools-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-x86", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-2221-1.NASL", "href": "https://www.tenable.com/plugins/nessus/128301", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2221-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128301);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-12155\", \"CVE-2019-13164\", \"CVE-2019-14378\");\n\n script_name(english:\"SUSE SLES12 Security Update : qemu (SUSE-SU-2019:2221-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for qemu fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-14378: Security fix for heap overflow in ip_reass on big\npacket input (bsc#1143794).\n\nCVE-2019-12155: Security fix for NULL pointer dereference while\nreleasing spice resources (bsc#1135902).\n\nCVE-2019-13164: Security fix for qemu-bridge-helper ACL can be\nbypassed when names are too long (bsc#1140402).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135902\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140402\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143794\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-12155/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13164/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-14378/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192221-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0b72be2e\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2019-2221=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2019-2221=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-rbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-guest-agent-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-s390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-s390-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"qemu-block-rbd-2.3.1-33.26.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"qemu-block-rbd-debuginfo-2.3.1-33.26.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"qemu-x86-2.3.1-33.26.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"s390x\", reference:\"qemu-s390-2.3.1-33.26.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"s390x\", reference:\"qemu-s390-debuginfo-2.3.1-33.26.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"qemu-2.3.1-33.26.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"qemu-block-curl-2.3.1-33.26.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"qemu-block-curl-debuginfo-2.3.1-33.26.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"qemu-debugsource-2.3.1-33.26.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"qemu-guest-agent-2.3.1-33.26.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"qemu-guest-agent-debuginfo-2.3.1-33.26.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"qemu-kvm-2.3.1-33.26.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"qemu-lang-2.3.1-33.26.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"qemu-tools-2.3.1-33.26.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"qemu-tools-debuginfo-2.3.1-33.26.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-02-19T13:28:17", "description": "This update for qemu fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-14378: Security fix for heap overflow in ip_reass on big packet input (bsc#1143794).\n\nCVE-2019-12155: Security fix for NULL pointer dereference while releasing spice resources (bsc#1135902).\n\nCVE-2019-13164: Security fix for qemu-bridge-helper ACL can be bypassed when names are too long (bsc#1140402).\n\nBug fixes and enhancements: Add vcpu features needed for Cascadelake-Server, Icelake-Client and Icelake-Server, especially the foundational arch-capabilities to help with security and performance on Intel hosts (bsc#1134880) (fate#327764).\n\nAdd support for one more security/performance related vcpu feature (bsc#1136777) (fate#327795).\n\nDisable file locking in the Xen PV disk backend to avoid locking issues with PV domUs during migration. The issues triggered by the locking can not be properly handled in libxl. The locking introduced in qemu-2.10 was removed again in qemu-4.0 (bsc#1079730, bsc#1098403, bsc#1111025).\n\nIgnore csske for expanding the cpu model (bsc#1136528).\n\nProvide qcow2 L2 caching improvements, which allows for better storage performance in certain configurations (bsc#1139926, ECO-130).\n\nFixed virsh migrate-setspeed (bsc#1127077, bsc#1141043).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-09-12T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2019:2353-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12155", "CVE-2019-13164", "CVE-2019-14378"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:qemu", "p-cpe:/a:novell:suse_linux:qemu-block-curl", "p-cpe:/a:novell:suse_linux:qemu-block-curl-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-block-iscsi", "p-cpe:/a:novell:suse_linux:qemu-block-iscsi-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-block-rbd", "p-cpe:/a:novell:suse_linux:qemu-block-rbd-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-block-ssh", "p-cpe:/a:novell:suse_linux:qemu-block-ssh-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-debugsource", "p-cpe:/a:novell:suse_linux:qemu-guest-agent", "p-cpe:/a:novell:suse_linux:qemu-guest-agent-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-kvm", "p-cpe:/a:novell:suse_linux:qemu-lang", "p-cpe:/a:novell:suse_linux:qemu-s390", "p-cpe:/a:novell:suse_linux:qemu-s390-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-tools", "p-cpe:/a:novell:suse_linux:qemu-tools-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-x86", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-2353-1.NASL", "href": "https://www.tenable.com/plugins/nessus/128753", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2353-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128753);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-12155\", \"CVE-2019-13164\", \"CVE-2019-14378\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2019:2353-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for qemu fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-14378: Security fix for heap overflow in ip_reass on big\npacket input (bsc#1143794).\n\nCVE-2019-12155: Security fix for NULL pointer dereference while\nreleasing spice resources (bsc#1135902).\n\nCVE-2019-13164: Security fix for qemu-bridge-helper ACL can be\nbypassed when names are too long (bsc#1140402).\n\nBug fixes and enhancements: Add vcpu features needed for\nCascadelake-Server, Icelake-Client and Icelake-Server, especially the\nfoundational arch-capabilities to help with security and performance\non Intel hosts (bsc#1134880) (fate#327764).\n\nAdd support for one more security/performance related vcpu feature\n(bsc#1136777) (fate#327795).\n\nDisable file locking in the Xen PV disk backend to avoid locking\nissues with PV domUs during migration. The issues triggered by the\nlocking can not be properly handled in libxl. The locking introduced\nin qemu-2.10 was removed again in qemu-4.0 (bsc#1079730, bsc#1098403,\nbsc#1111025).\n\nIgnore csske for expanding the cpu model (bsc#1136528).\n\nProvide qcow2 L2 caching improvements, which allows for better storage\nperformance in certain configurations (bsc#1139926, ECO-130).\n\nFixed virsh migrate-setspeed (bsc#1127077, bsc#1141043).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1079730\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1098403\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111025\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127077\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1134880\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135902\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136528\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1136777\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1139926\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140402\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141043\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143794\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-12155/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13164/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-14378/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192353-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c0965071\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-2353=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-2353=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-iscsi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-iscsi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-rbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-ssh-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-guest-agent-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-s390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-s390-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"qemu-block-rbd-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"qemu-block-rbd-debuginfo-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"qemu-x86-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"s390x\", reference:\"qemu-s390-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"s390x\", reference:\"qemu-s390-debuginfo-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"qemu-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"qemu-block-curl-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"qemu-block-curl-debuginfo-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"qemu-block-iscsi-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"qemu-block-iscsi-debuginfo-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"qemu-block-ssh-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"qemu-block-ssh-debuginfo-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"qemu-debugsource-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"qemu-guest-agent-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"qemu-guest-agent-debuginfo-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"qemu-kvm-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"qemu-lang-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"qemu-tools-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"qemu-tools-debuginfo-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"qemu-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"qemu-block-curl-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"qemu-block-curl-debuginfo-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"qemu-debugsource-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"qemu-kvm-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"qemu-tools-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"qemu-tools-debuginfo-2.11.2-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"qemu-x86-2.11.2-5.18.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-10-14T00:24:05", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1216 advisory.\n\n - QEMU: qxl: null pointer dereference while releasing spice resources (CVE-2019-12155)\n\n - QEMU: slirp: heap buffer overflow during packet reassembly (CVE-2019-14378)\n\n - QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server (CVE-2020-1711)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-03-31T00:00:00", "type": "nessus", "title": "RHEL 7 : qemu-kvm-rhev (RHSA-2020:1216)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12155", "CVE-2019-14378", "CVE-2020-1711"], "modified": "2021-10-13T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:qemu-img-rhev", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common-rhev", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-rhev", "p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tools-rhev"], "id": "REDHAT-RHSA-2020-1216.NASL", "href": "https://www.tenable.com/plugins/nessus/135033", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1216. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135033);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/13\");\n\n script_cve_id(\"CVE-2019-12155\", \"CVE-2019-14378\", \"CVE-2020-1711\");\n script_bugtraq_id(108429);\n script_xref(name:\"RHSA\", value:\"2020:1216\");\n\n script_name(english:\"RHEL 7 : qemu-kvm-rhev (RHSA-2020:1216)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1216 advisory.\n\n - QEMU: qxl: null pointer dereference while releasing spice resources (CVE-2019-12155)\n\n - QEMU: slirp: heap buffer overflow during packet reassembly (CVE-2019-14378)\n\n - QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server (CVE-2020-1711)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/122.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/476.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-12155\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-14378\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-1711\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1712670\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1734745\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1794290\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14378\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(122, 476);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-img-rhev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-common-rhev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-rhev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qemu-kvm-tools-rhev\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'enterprise_linux_7_hypervisor': [\n 'rhel-7-server-rhev-mgmt-agent-debug-rpms',\n 'rhel-7-server-rhev-mgmt-agent-els-debug-rpms',\n 'rhel-7-server-rhev-mgmt-agent-els-rpms',\n 'rhel-7-server-rhev-mgmt-agent-els-source-rpms',\n 'rhel-7-server-rhev-mgmt-agent-rpms',\n 'rhel-7-server-rhev-mgmt-agent-source-rpms',\n 'rhel-7-server-rhevh-els-rpms',\n 'rhel-7-server-rhevh-els-source-rpms',\n 'rhel-7-server-rhevh-rpms',\n 'rhel-7-server-rhevh-source-rpms',\n 'rhel-7-server-rhv-4-manager-tools-debug-rpms',\n 'rhel-7-server-rhv-4-manager-tools-rpms',\n 'rhel-7-server-rhv-4-manager-tools-source-rpms',\n 'rhel-7-server-rhv-4-mgmt-agent-debug-rpms',\n 'rhel-7-server-rhv-4-mgmt-agent-rpms',\n 'rhel-7-server-rhv-4-mgmt-agent-source-rpms',\n 'rhel-7-server-rhv-4-tools-debug-rpms',\n 'rhel-7-server-rhv-4-tools-rpms',\n 'rhel-7-server-rhv-4-tools-source-rpms',\n 'rhel-7-server-rhv-4.2-mgmt-agent-eus-debug-rpms',\n 'rhel-7-server-rhv-4.2-mgmt-agent-eus-rpms',\n 'rhel-7-server-rhv-4.2-mgmt-agent-eus-source-rpms',\n 'rhel-7-server-rhv-4.3-mgmt-agent-eus-rpms',\n 'rhel-7-server-rhvh-4-build-debug-rpms',\n 'rhel-7-server-rhvh-4-build-rpms',\n 'rhel-7-server-rhvh-4-build-source-rpms',\n 'rhel-7-server-rhvh-4-debug-rpms',\n 'rhel-7-server-rhvh-4-rpms',\n 'rhel-7-server-rhvh-4-source-rpms',\n 'rhel-7-server-rhvh-4.2-build-eus-rpms',\n 'rhel-7-server-rhvh-4.2-build-eus-source-rpms',\n 'rhel-7-server-rhvh-4.2-eus-debug-rpms',\n 'rhel-7-server-rhvh-4.2-eus-rpms',\n 'rhel-7-server-rhvh-4.2-eus-source-rpms',\n 'rhel-7-server-rhvh-4.3-build-eus-rpms',\n 'rhel-7-server-rhvh-4.3-build-eus-source-rpms',\n 'rhel-7-server-rhvh-4.3-eus-rpms',\n 'rhel-7-server-rhvh-4.3-eus-source-rpms'\n ],\n 'rhev_manager_4': [\n 'rhel-7-server-rhv-4-power-debug-rpms',\n 'rhel-7-server-rhv-4-power-rpms',\n 'rhel-7-server-rhv-4-power-source-rpms',\n 'rhel-7-server-rhv-4.0-debug-rpms',\n 'rhel-7-server-rhv-4.0-manager-debug-rpms',\n 'rhel-7-server-rhv-4.0-manager-rpms',\n 'rhel-7-server-rhv-4.0-manager-source-rpms',\n 'rhel-7-server-rhv-4.0-rpms',\n 'rhel-7-server-rhv-4.0-source-rpms',\n 'rhel-7-server-rhv-4.1-debug-rpms',\n 'rhel-7-server-rhv-4.1-manager-debug-rpms',\n 'rhel-7-server-rhv-4.1-manager-rpms',\n 'rhel-7-server-rhv-4.1-manager-source-rpms',\n 'rhel-7-server-rhv-4.1-rpms',\n 'rhel-7-server-rhv-4.1-source-rpms'\n ],\n 'rhev_manager_4_2': [\n 'rhel-7-server-rhv-4.2-manager-debug-rpms',\n 'rhel-7-server-rhv-4.2-manager-rpms',\n 'rhel-7-server-rhv-4.2-manager-source-rpms'\n ],\n 'rhev_manager_4_3': [\n 'rhel-7-server-rhv-4.3-manager-debug-rpms',\n 'rhel-7-server-rhv-4.3-manager-rpms',\n 'rhel-7-server-rhv-4.3-manager-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'qemu-img-rhev-2.12.0-44.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'10', 'exists_check':'redhat-release-virtualization-host-4', 'repo_list':['enterprise_linux_7_hypervisor', 'rhev_manager_4', 'rhev_manager_4_2', 'rhev_manager_4_3']},\n {'reference':'qemu-kvm-common-rhev-2.12.0-44.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'10', 'exists_check':'redhat-release-virtualization-host-4', 'repo_list':['enterprise_linux_7_hypervisor', 'rhev_manager_4', 'rhev_manager_4_2', 'rhev_manager_4_3']},\n {'reference':'qemu-kvm-rhev-2.12.0-44.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'10', 'exists_check':'redhat-release-virtualization-host-4', 'repo_list':['enterprise_linux_7_hypervisor', 'rhev_manager_4', 'rhev_manager_4_2', 'rhev_manager_4_3']},\n {'reference':'qemu-kvm-tools-rhev-2.12.0-44.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'10', 'exists_check':'redhat-release-virtualization-host-4', 'repo_list':['enterprise_linux_7_hypervisor', 'rhev_manager_4', 'rhev_manager_4_2', 'rhev_manager_4_3']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'qemu-img-rhev / qemu-kvm-common-rhev / qemu-kvm-rhev / etc');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-07-12T14:54:44", "description": "The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2019:14151-1 advisory.\n\n - interface_release_resource in hw/display/qxl.c in QEMU 3.1.x through 4.0.0 has a NULL pointer dereference.\n (CVE-2019-12155)\n\n - qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL bypass.\n (CVE-2019-13164)\n\n - ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment. (CVE-2019-14378)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-06-10T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : kvm (SUSE-SU-2019:14151-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12155", "CVE-2019-13164", "CVE-2019-14378"], "modified": "2022-01-21T00:00:00", "cpe": ["cpe:2.3:o:novell:suse_linux:11:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:kvm:*:*:*:*:*:*:*"], "id": "SUSE_SU-2019-14151-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150648", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2019:14151-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150648);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/21\");\n\n script_cve_id(\"CVE-2019-12155\", \"CVE-2019-13164\", \"CVE-2019-14378\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2019:14151-1\");\n\n script_name(english:\"SUSE SLES11 Security Update : kvm (SUSE-SU-2019:14151-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2019:14151-1 advisory.\n\n - interface_release_resource in hw/display/qxl.c in QEMU 3.1.x through 4.0.0 has a NULL pointer dereference.\n (CVE-2019-12155)\n\n - qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from\n bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL bypass.\n (CVE-2019-13164)\n\n - ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it\n mishandles a case involving the first fragment. (CVE-2019-14378)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1135902\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1140402\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1143794\");\n # https://lists.suse.com/pipermail/sle-security-updates/2019-August/005835.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5ce922f7\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-12155\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-13164\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-14378\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kvm package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14378\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES11', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\npkgs = [\n {'reference':'kvm-1.4.2-60.27', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'kvm-1.4.2-60.27', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n exists_check = NULL;\n rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release && exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n else if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kvm');\n}\n", "cvss": {"score": 6.5, "vector": "CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:29:25", "description": "This update for xen fixes the following issues :\n\nSecurity issues fixed :\n\nFixed an issue which could allow malicious PV guests may cause a host crash or gain access to data pertaining to other guests.Additionally, vulnerable configurations are likely to be unstable even in the absence of an attack (bsc#1126198).\n\nFixed multiple access violations introduced by XENMEM_exchange hypercall which could allow a single PV guest to leak arbitrary amounts of memory, leading to a denial of service (bsc#1126192).\n\nFixed an issue which could allow a malicious unprivileged guest userspace process to escalate its privilege to that of other userspace processes in the same guest and potentially thereby to that of the guest operating system (bsc#1126201).\n\nFixed an issue which could allow a malicious or buggy x86 PV guest kernels can mount a Denial of Service attack affecting the whole system (bsc#1126196).\n\nFixed an issue which could allow an untrusted PV domain with access to a physical device to DMA into its own pagetables leading to privilege escalation (bsc#1126195).\n\nCVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() found in slirp (bsc#1123157).\n\nFixed an issue which could allow malicious 64bit PV guests to cause a host crash (bsc#1127400).\n\nFixed an issue which could allow malicious or buggy guests with passed through PCI devices to be able to escalate their privileges, crash the host, or access data belonging to other guests. Additionally memory leaks were also possible (bsc#1126140).\n\nFixed a race condition issue which could allow malicious PV guests to escalate their privilege to that of the hypervisor (bsc#1126141).\n\nCVE-2019-9824: Fixed an information leak in SLiRP networking implementation which could allow a user/process to read uninitialised stack memory contents (bsc#1129623).\n\nCVE-2018-19967: Fixed HLE constructs that allowed guests to lock up the host, resulting in a Denial of Service (DoS). (XSA-282) (bsc#1114988)\n\nOther issue addressed: Added Xen cmdline option 'suse_vtsc_tolerance' to avoid TSC emulation for HVM domUs (bsc#1026236).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-04-11T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : xen (SUSE-SU-2019:0921-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19967", "CVE-2019-6778", "CVE-2019-9824"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:xen", "p-cpe:/a:novell:suse_linux:xen-debugsource", "p-cpe:/a:novell:suse_linux:xen-doc-html", "p-cpe:/a:novell:suse_linux:xen-libs", "p-cpe:/a:novell:suse_linux:xen-libs-debuginfo", "p-cpe:/a:novell:suse_linux:xen-tools", "p-cpe:/a:novell:suse_linux:xen-tools-debuginfo", "p-cpe:/a:novell:suse_linux:xen-tools-domU", "p-cpe:/a:novell:suse_linux:xen-tools-domU-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-0921-1.NASL", "href": "https://www.tenable.com/plugins/nessus/123993", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0921-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123993);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-19967\", \"CVE-2019-6778\", \"CVE-2019-9824\");\n\n script_name(english:\"SUSE SLES12 Security Update : xen (SUSE-SU-2019:0921-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for xen fixes the following issues :\n\nSecurity issues fixed :\n\nFixed an issue which could allow malicious PV guests may cause a host\ncrash or gain access to data pertaining to other guests.Additionally,\nvulnerable configurations are likely to be unstable even in the\nabsence of an attack (bsc#1126198).\n\nFixed multiple access violations introduced by XENMEM_exchange\nhypercall which could allow a single PV guest to leak arbitrary\namounts of memory, leading to a denial of service (bsc#1126192).\n\nFixed an issue which could allow a malicious unprivileged guest\nuserspace process to escalate its privilege to that of other userspace\nprocesses in the same guest and potentially thereby to that of the\nguest operating system (bsc#1126201).\n\nFixed an issue which could allow a malicious or buggy x86 PV guest\nkernels can mount a Denial of Service attack affecting the whole\nsystem (bsc#1126196).\n\nFixed an issue which could allow an untrusted PV domain with access to\na physical device to DMA into its own pagetables leading to privilege\nescalation (bsc#1126195).\n\nCVE-2019-6778: Fixed a heap buffer overflow in tcp_emu() found in\nslirp (bsc#1123157).\n\nFixed an issue which could allow malicious 64bit PV guests to cause a\nhost crash (bsc#1127400).\n\nFixed an issue which could allow malicious or buggy guests with passed\nthrough PCI devices to be able to escalate their privileges, crash the\nhost, or access data belonging to other guests. Additionally memory\nleaks were also possible (bsc#1126140).\n\nFixed a race condition issue which could allow malicious PV guests to\nescalate their privilege to that of the hypervisor (bsc#1126141).\n\nCVE-2019-9824: Fixed an information leak in SLiRP networking\nimplementation which could allow a user/process to read uninitialised\nstack memory contents (bsc#1129623).\n\nCVE-2018-19967: Fixed HLE constructs that allowed guests to lock up\nthe host, resulting in a Denial of Service (DoS). (XSA-282)\n(bsc#1114988)\n\nOther issue addressed: Added Xen cmdline option 'suse_vtsc_tolerance'\nto avoid TSC emulation for HVM domUs (bsc#1026236).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory.